Cryptocurrency has entered the mainstream, with companies including Microsoft, Dish Network and Overstock.com accepting payment in Bitcoin. Of course, Bitcoin is only one of many digital currencies in use. These currencies are not backed by any bank or government and use blockchain technology to record and reconcile all transactions.
Cryptocurrencies can be purchased on exchanges, but they can also be mined on any computer. Mining involves solving complex math problems and is resource-intensive. That has led to hackers using the computers of unsuspecting consumers to mine cryptocurrency, a scam called cryptojacking.
There are two methods commonly used to enslave victims’ computers. The first is the same as other malware: the hackers send a phishing email containing links that, when clicked, install malicious code on the computer. The code runs in the background, making money for the hacker, when the victim’s computer is on.
The other method installs a script on a website. When victims visit the infected site, the script runs the code and sends the results to a computer controlled by the hacker. In this method, no code is stored on victims’ computers. This method is also legitimately used by some websites to generate revenue with the knowledge and consent of users. For example, cnet.com reports that Salon.com gives readers the option to opt out of advertisements in exchange for letting the site use their computers to mine the cryptocurrency Monero. The script only runs while users are at the Salon.com website.
The good news about cryptojacking scripts is that they do not harm computers or data. However, they do affect computer performance. While the computer is running the script there will be fewer resources for other tasks.
Traditional tools to detect viruses and malware generally will not detect cryptomining scripts. Signs that your computer may have been cryptojacked include slower system performance and hearing the cooling fans running more than usual. If the script is running from a website, the symptoms may only occur when you visit the affected site.
Computer security company Avast recommends protecting yourself from cryptojacking by:
- Installing a web browser extension that blocks common JavaScript miners
- Using a strong antivirus program to detect and block malicious websites
- Keeping your Windows software updated to protect against vulnerabilities.