Criptojacking

Cryptojacking is the use of someone else's device to mine digital currencies.

Cryptojacking: definition

Cryptojacking (or the malicious mining of crypto-currencies) can be defined as the undetected use of someone else's device to mine digital currencies. It infiltrates a computer, smartphone or IT network, not to access data, but to mine crypto-currencies using others' devices.

 

Why does it happen?

Mining for crypto-currencies is a complex business and uses a lot of resources, both energy and computing power. As such, hackers have discovered an easier way of doing this: using other people's computers to run the calculations required -consuming other people's power supplies- to get digital currencies.

 

How can your computer be infected?

There are several possible ways in which cryptojacking can exploit your computers, but the most frequent are:

1. Malware

Cyber-criminals can install in several ways (via email, when you install an app, activating hidden software, etc.) malware that can take control of your device, using up your CPU and mining crypto-currencies without your knowledge.

2. Websites and browsers

An increasingly frequent practice works like this: some websites, without informing users, offer your Internet connection for mining, which is defrauding the users whose computers are put at the service of third parties. Through your browser, your computer and bandwidth are being used to generate new crypto-coins.

 

Associated risks

The greatest danger of cryptojacking is not just that it implies access to personal computers at home, but that it can saturate all the computers in a company, with a range of negative consequences:

Resource consumption

Companies end up with huge electricity bills, as cryptojacking tries to get as much from the computer as possible, using it whenever it can.

Technical problems

Normal computers are not designed to operate while mining crypto-coins. If cryptojacking infects a device, it will create problems such as loss of productivity and additional expenses: as technical help will be needed or even computer replacement.

Corporate cyber-security

Although data theft may not be among the priorities of those responsible for cryptojacking, nevertheless the fact that these types of criminals have infiltrated your computers represents a serious breach of corporate cyber-security.

 

How to protect yourself

  • Run frequent risk assessments to identify possible vulnerabilities.
  • Frequently update all corporate systems, consider uninstalling software that is not used.
  • Protect Web browsers on endpoints with specific add-ons to protect against crypto-currency mining by blocking malicious scripts.
  • Thoroughly investigate spikes in certain IT problems related to abnormal CPU usage. If a lot of employees have reported slow performance or overheating of devices, you could be the victim of cryptojacking.
  • These actions should be complemented with the implementation of an advanced cyber-security solution that offers key functions such as detailed visibility of endpoint activity and monitoring of running processes. This is the case with Panda Dome Premium, the prestige range of security from Panda Security.