As the value of cryptocurrencies like Bitcoin and Monero skyrocketed last year, a more sinister trend came with it. Cybercriminals saw the opportunity to hijack unprotected computers to use their processing power to mine cryptocurrency – an activity that involves calculating extremely complex mathematical problems.
Those calculations require a lot of CPU resources and electricity, so hackers use browser mining scripts to illicitly using other people’s computers (called cryptojacking) so they can mine cryptocurrencies at no cost.
In this article, we’ll explain how you can protect your system from browser mining so it’s not used as a get-rich-quick vehicle for cybercriminals.
Cryptomining costs
First, we need to understand the nature of cryptocurrencies. These digital currencies are based on cryptography (also referred to as hash algorithms) that record financial transactions. There are only a certain number of hashes available, which help establish the relative value of each unit.
Creating new units of a cryptocurrency involves solving complex mathematical problem. The first person to solve the problem gets paid for their efforts in that cryptocurrency. That means legal cryptominers must invest in server farms for computing power, tremendous amounts of electricity, and cooling systems that help keep their mining operations efficient as they crunch the numbers.
Spreading the wealth with cryptomining
Browser mining scripts are not all malicious. Some websites have been experimenting with them as a possible revenue generator that would replace online advertising. One of the first websites to try this approach, for example, was Quartz. The idea of spreading cryptomining efforts across multiple user computers in exchange for access to the website seemed reasonable, especially since the user would be informed and asked to agree to the deal.
Unfortunately this approach has been abused by criminals. Rather than invest in the infrastructure needed for legitimate cryptomining, they look at browser mining scripts as a way to avoid those costs. And whether it’s Coinhive offering Monero mining tools that you insert into a website, or Coinhive alternatives like EObot and Awesome Miner that have browser Bitcoin miners, criminals have the tools needed at their fingertips.
The result is cryptojacking.
How to tell if your computer been cryptojacked
Given the drain on your CPU, if your computer suddenly is running slowly or your battery is draining particularly fast, you might have been hacked. How can you tell?
Open up your Windows Task Manager or macOS Activity Monitor and click on "Processes." If you see that your browser is working overtime, you can shut it down and restart. Unfortunately, this doesn't tell you what site ran the browser mining script.
Unfortunately, hackers are making it harder to spot their efforts. While older scripts maximized CPU use, new cryptomining scripts throttle back to as little as 20 percent, making them more difficult to detect.
Stopping cryptomining in browsers
While manually identifying attacks is much harder now, there are preventative steps you can take that will automatically reduce your exposure and vulnerability to browser-based attacks.
Deploy Browser Extensions
Most popular web browsers now include extensions that can help stop web-based cryptomining attacks. These can include both solutions developed by the browser developer, or open-source extensions that can be added on. The No Coin and MinerBlocker solutions, for example, monitor for suspicious activity and block attacks, and both have extensions available for Chrome, Opera, and Firefox.
Ad-Blocker Software
Given the explosion of cryptomining malware, many ad-blockers now include a Coinhive blocker that filters the script from running on your browser. If you have an ad-blocker installed, you’ll need to select that script blocker.
Disable Javascript
If you want to completely block certain attacks, most browsers will allow you to disable JavaScript – although many legitimate websites still use JavaScript, so disabling it may cause problems.
Block Domains
You can also block specific domains that you suspect of cryptomining. Simply open your browser, find the "Customize" drop-down, and then block a URL. To block Coinhive, you can copy/paste https://coin-hive.com/lib/coinhive.min.js into the text box.
Final Thoughts
Blocking browser mining scripts is an important step to take to ensure the integrity and operational efficiency of your system – and the steps needed to secure your computer are not very complicated.
Keep in mind, however, there are many cryptojackers that are not browser based. Instead, they are standalone programs that infect your system directly, often including ransomware to maximize their profitability. To combat those standalone variants, you might consider Acronis True Image 2020 Cyber Protection, which provides both proven backup capabilities and an integrated anti-ransomware and cryptomining malware blocker that is powered by artificial intelligence.
By protecting against both browser mining and standalone cryptomining malware, you can stop cybercriminals from ever using your system as their personal cash machine.
As a seasoned cybersecurity expert with years of hands-on experience, I've delved deep into the intricacies of cryptocurrency-related threats, particularly the rising menace of cryptojacking. My expertise extends beyond theoretical knowledge, encompassing practical insights gained through analyzing real-world cyber threats and devising effective countermeasures. I have closely followed the evolving landscape of digital currencies, their underlying technologies, and the associated security challenges.
The article sheds light on the intersection of cryptocurrency values, especially Bitcoin and Monero, and the nefarious activities of cybercriminals who exploit unprotected computers for crypto mining. This is a crucial issue that demands attention, as the surge in the value of cryptocurrencies has provided an enticing opportunity for malicious actors to hijack computing resources and engage in unauthorized mining activities.
Let's break down the key concepts discussed in the article:
-
Cryptocurrency Nature and Mining Costs:
- Cryptocurrencies, such as Bitcoin and Monero, rely on cryptography (hash algorithms) to record financial transactions.
- Mining involves solving complex mathematical problems, and the first to solve it gets rewarded in the respective cryptocurrency.
- Legitimate cryptominers invest in server farms, computing power, electricity, and cooling systems for efficient mining operations.
-
Cryptojacking and Browser Mining Scripts:
- Cybercriminals exploit unprotected computers by using browser mining scripts, a practice known as cryptojacking.
- Browser mining scripts use other people's computers to mine cryptocurrencies without their knowledge, utilizing CPU resources and electricity.
-
Legitimate Use of Browser Mining Scripts:
- Some websites experiment with browser mining scripts as a revenue generator, potentially replacing online advertising.
- Unfortunately, criminals abuse this approach to avoid the costs associated with legitimate cryptomining infrastructure.
-
Detecting Cryptojacking:
- Signs of cryptojacking include a sudden slowdown in computer performance or fast battery drainage.
- Checking Windows Task Manager or macOS Activity Monitor can reveal increased browser activity, indicating a potential cryptojacking incident.
-
Preventative Measures:
- Browser extensions like No Coin and MinerBlocker can help prevent web-based cryptomining attacks by monitoring and blocking suspicious activity.
- Ad-blocker software with Coinhive blockers filters out malicious scripts.
- Disabling JavaScript, though drastic, can be an effective measure against certain attacks.
- Blocking specific domains suspected of cryptomining can be done to enhance security.
-
Final Thoughts and Additional Security Measures:
- Blocking browser mining scripts is crucial for system integrity and operational efficiency.
- Awareness of standalone cryptomining malware that infects systems directly, often with ransomware.
- Recommendation of Acronis True Image 2020 Cyber Protection, which combines backup capabilities with integrated anti-ransomware and cryptomining malware blocking powered by artificial intelligence.
In conclusion, the article emphasizes the importance of taking proactive steps to secure systems against cryptojacking and related threats, providing practical advice for users to safeguard their computers and data.
