Cryptojacking and the Dangers of Mining for Cryptocurrency
Cryptocurrency mining, also known as cryptomining, is the process of using your computer’s processing power to solve complex mathematical equations in order to earn digital cash. In recent years, cryptomining has been on the rise. To understand the reason for this increase in cryptomining it’s helpful to follow the money. Less than two years ago, Bitcoin, Monero, and other popular cryptocurrencies were enjoying all-time high valuations. In December 2017, a single Bitcoin was worth more than $19,000. Entire ecosystems sprung up around alternative cryptocurrencies like Monero, as individual investors, currency speculators, and even some publishers looked to cryptocurrency as a new way to make money.
Eager to cash on these exciting new digital currencies, consumers invested in purpose-built personal computers and specialized browsing tools to mine for cryptocurrencies. Even if you didn’t really understand the fuss, it was hard to avoid conversations about Bitcoin, cryptocurrencies, cryptomining, and the blockchain. Popular websites like The Pirate Bay, Slate, and Wired all experimented with using cryptomining as a way to fund their businesses.
This explosion in the value of cryptocurrencies also caught the eye of hackers, organized crime, and others looking to make easy money. Driven by the sky-high prices of Bitcoin, hackers invented a new form of malware called “cryptojacking” to hijack unsuspecting users’ computers to mine for digital cash. At its peak, cryptojacking was one of the fastest-growing forms of malware, and we at AdBlock saw lots of requests from users to enlist AdBlock to block malicious cryptominers. The problem got so out of hand that Google banned cryptominers from the Chrome Web Store altogether.
What is Cryptojacking?
So what is cryptojacking? A combination of the words cryptography and hijacking, like adware and other forms of malware, cryptojacking is a new term for an old trick: stealing. In this case, cryptojacking software is designed to remain undetected so that it can sit on your computer and mine for cryptocurrency. Here’s how it works: hackers create software (known as scripts) that can live undetected on popular websites or be included in copies of other popular software. When a user visits a website with these scripts present, the cryptojacking software goes to work telling the user’s device to mine for cryptocurrency without the user’s knowledge or consent.
Basically hackers are stealing your computer processing power to generate Bitcoin and other cryptocurrencies, which they then keep for themselves. What makes this process particularly malicious is that cryptojacking software can be hidden within ads, or included on websites so that users can have their machines hijacked simply by visiting a website that has one of these cryptojacking scripts on it. That’s why early cryptojacking detection and prevention is critical.
How to Prevent Cryptojacking with AdBlock
But there’s good news, as well. AdBlock has been blocking these cryptojacking scripts for nearly two years. We started including a filter list designed to stop malicious cryptomining in our Chrome extension in October of 2017. In January of 2018, we looked at data from AdBlock users that had opted to share anonymous information about filter list statistics and we counted nearly 4,000 domains with these cryptojacking scripts included on them, including some widely-used websites for downloading videos and other torrent files. In one particularly bad week, we counted more than 31 million scripts that we blocked in just a fraction of our users.
Unfortunately, these cryptomining scripts can lurk anywhere. We’ve seen them lurking in YouTube ads and in many other innocuous places across the web. And while cryptojacking has (thankfully) been in decline over the last year, thanks to the dramatic decrease in the value of Bitcoin and the collapse of popular mining tool, Coinhive, we still see thousands of websites that use scripts to illegally mine for cryptocurrency. We continue to block these scripts, but if you notice your computer is working at a slower pace than usual, you may want to install an antivirus tool like Malwarebytes to scan your system for these types of malware. And if you have concerns about specific websites, you can use AdBlock to see what type of requests a website is making when you visit (note: this is best suited for technical users only).
Cryptojacking Revived
More recently, there have been reports that cryptojackers have been using tools designed by the National Security Agency (NSA) to distribute a new form of malware called Beapy. Despite the cutesy name, the software itself is anything but. Beapy is designed to take over machines in a corporate network and use them to engage in enterprise-level cryptomining. It’s a disturbing development and a reminder that while cryptojacking has seen a temporary lull in usage, hackers are continuously looking for new (and intrusive) ways to make money from unsuspecting users.
While you don’t need to be overly anxious about cryptomining in general, it’s important to protect yourself from all types of malware as you browse. And it’s interesting to note that some security researchers have actually noticed the correlation between the price of crytpocurrencies and malicious cryptomining schemes, so with prices for Bitcoin starting to rise again, it’s definitely worth keeping AdBlock at the ready to help protect against cryptojacking!
PS. Want to stay up-to-date on all the latest AdBlock updates and announcements? Join our mailing list!
