You may have heard about cryptojacking by now. Those pesky mining botnets that infiltrate devices and force them to mine cryptocurrency. But if you haven’t paid much attention to it yet, you probably should. Cryptojacking is now a major problem and it’s way easier to get infected than you may think.
Here’s why you should be taking it seriously:
Cryptojacking, otherwise known as illicit crypto mining, became the top cyber threat of 2018, overtaking Ransomware
Some 25 percent of companies have already been affected by mining botnets
In Q4 of 2017 incidents of cryptojacking rose by 8,500 percent
You don’t have to download Malware to get cryptojacked
These are just a handful of stats about the latest cybercrime that’s got the hacking community abuzz. But perhaps one of the scariest things about cryptojacking is that unlike a DDoS attack or a Ransomware, you may not even know it’s happening.
Just like a parasite, a mining botnet enters your computer, server, IoT device, or smartphone and can sit there undetected for months, quietly feeding off your CPU.
The first thing you may notice is an excessively high electricity bill (mining cryptocurrency takes a lot of horsepower) or that your computer fan is suddenly kicking into overdrive.
How You Can Get Cryptojacked
You don’t even have to download a vicious code to have your machine cryptojacked. Nearly 50,000 websites were infected with mining botnets in March of this year, including the UK government’s official website.
There’s little to worry about if you stumble upon one of these infected sites since you’ll probably notice that your computer is running slowly as the browser starts to mine Monero. Simply close the site and stop sharing your power (unless you want to, of course).
However, it’s much more complicated when you unwittingly download the Malware to your device. And there are a ton of ways you can do this. Through a phishing email, from an infected advert (it helps to use adblockers) or by downloading a free software.
Free Content Management Systems (CMS) like WordPress are one of the most popular vectors for delivering mining botnets. It’s even happening on some video games–Steam recently found that out after pulling a game accused of being a cryptocurrency mining scam.
What Should You Do About It?
If your device functions more slowly than usual, your battery runs down fast, or your electricity bill goes up, you should get your device checked. Fortunately, this type of cyber thief is only after one thing: your CPU power. They’re not looking to steal your data or your cash. But, like any parasite, you’ll want to get rid of them as fast as you can.
And for companies, cryptojacking poses a more important question–if a mining botnet can hijack their servers and force them to mine Monero, how was it able to breach the system firewall in the first place? What if it had been something more sinister like Petya or WannaCry?
IT managers can think of mining botnets as a wakeup call and see them as a chance to prepare themselves for more serious crimes.
Okay, so you may still argue that the state of the climate, global politics, or your piling mountain of bills are more worrying than cryptojacking. But do you really want to be a victim of a criminal using your electricity and weakening your machine? Probably not.