Kinaro's blog of things

Cryptojacking

June 09, 2019

Cryptojacking is the illegal use of computer resources to mine cryptocurrencies. Mining is an intensive process which leads to high power usage. The affected devices may slow down to a crawl and heat up. This is because resources such as RAM and CPU time are gobbled up by a single application. Attackers abuse various methods to mine crypto on users' devices.

  1. Web browser: The most common culprit for this type of attack is Coinhive. It is a JavaScript script that runs entirely in the browser.
  2. Tricking users into installing the mining software: Most people do not read the license or terms of use. uTorrent, a BitTorrent file-sharing application, used this technique to dupe Windows users into installing CGminer, which would mine crypto on users' machines.
  3. Exploiting vulnerabilities in software: Earlier last week, BlackSquid made news by exploiting multiple vulnerabilities in order to infect computer systems and mine cryptocurrencies. You can read more on Bleeping Computer.

Signs

High RAM usage

Most mining software uses up a large amount of RAM. You may find an application taking up a larger portion of memory than usual.

High CPU usage

If you notice that the CPU is always at 100%, there might be a mining app running in the background. You can use Task Manager in Windows to view running applications and processes. Use it to kill offending processes and apps. However, note that terminating applications from Task Manager will usually lead to loss of data.
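Both signs above only mean something when they persist, since installers and updaters also spike the CPU for a short while. The following Python script is an added example, not part of the original post: it flags processes that stay pegged across consecutive polls and reports their peak share of RAM. The sample readings, process names, thresholds and the 8 GB RAM figure are constructed assumptions.

```python
from collections import defaultdict

# Constructed data: one row per process per 10-second poll, as
# (time in s, process name, CPU % of the whole machine, resident memory in MB).
# Process names and figures are invented for illustration.
SAMPLES = [
    (0, "browser.exe", 5.0, 900), (0, "updater.exe", 92.0, 150), (0, "svchelper.exe", 2.0, 300),
    (10, "browser.exe", 6.0, 910), (10, "updater.exe", 91.0, 160), (10, "svchelper.exe", 2.0, 310),
    (20, "browser.exe", 4.0, 905), (20, "updater.exe", 1.0, 150), (20, "svchelper.exe", 93.0, 1200),
    (30, "browser.exe", 3.0, 900), (30, "updater.exe", 0.5, 150), (30, "svchelper.exe", 95.0, 1800),
    (40, "browser.exe", 5.0, 900), (40, "updater.exe", 0.5, 150), (40, "svchelper.exe", 94.0, 2000),
    (50, "browser.exe", 4.0, 900), (50, "updater.exe", 0.5, 150), (50, "svchelper.exe", 95.0, 2048),
    (60, "browser.exe", 3.0, 900), (60, "updater.exe", 0.5, 150), (60, "svchelper.exe", 96.0, 2048),
    (70, "browser.exe", 4.0, 900), (70, "updater.exe", 0.5, 150), (70, "svchelper.exe", 95.0, 2048),
]


def sustained_hogs(samples, cpu_threshold=90.0, min_seconds=40,
                   interval=10, total_ram_mb=8192):
    """Return {name: (longest pegged run in s, peak memory as % of RAM)}."""
    by_proc = defaultdict(list)
    for t, name, cpu, mem in sorted(samples):
        by_proc[name].append((t, cpu, mem))

    flagged = {}
    for name, rows in by_proc.items():
        longest, run_start, prev_t = 0, None, None
        for t, cpu, _ in rows:
            # A missed poll means the process was not running: the run is broken.
            gap = prev_t is not None and t - prev_t > interval
            if cpu < cpu_threshold:
                run_start = None
            else:
                if run_start is None or gap:
                    run_start = t
                longest = max(longest, t - run_start)
            prev_t = t
        if longest >= min_seconds:
            peak_mem = max(mem for _, _, mem in rows)
            flagged[name] = (longest, round(100 * peak_mem / total_ram_mb, 1))
    return flagged


if __name__ == "__main__":
    for name, (secs, mem_pct) in sustained_hogs(SAMPLES).items():
        print(f"{name}: pegged for {secs}s, peak memory {mem_pct}% of RAM")
```

On a real machine the rows would come from periodic readings of the same per-process figures Task Manager displays.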

Mitigation

  1. Avoid insecure sites

An attacker on the same LAN as you can perform a man-in-the-middle attack and inject malicious code into the insecure websites you visit.

  2. Sift through the software installation terms and offers

Most freeware tries to sneak in more than you bargained for during the installation phase. For example, CCleaner tries to install Google Chrome or Avast! antivirus during installation.

  3. Patch your systems

Bugs in software are encountered all the time; that's why it is essential to install the latest security updates. Operating systems provide the means to schedule these updates or install them automatically.


Felix Kinaro
