Cryptojacking – When your computer mines cryptocurrency without your knowledge
In the past few months, we’ve seen a lot of news about cryptocurrency, including harried headlines about extreme fluctuations. All this can be attributed to an unending speculative bubble and possibly also the fear of government regulation. This partially explains why bitcoin’s value took such a spectacular plunge, falling from CA$25,000 to just over CA$10,000 between December 17 and today. Beyond the technical challenges that these headless currencies bring to the table, the fluctuations in exchange rate parity likely played a key role in the resurgence of attempted pirating, theft of digital wallets and personal data, and other fraudulent acts. If we’re to believe the predictions of certain industry leaders, more major heists could be coming. So far this year, we’ve already witnessed the record theft of $60 million in bitcoin from NiceHash, a violent attack on a British couple for their virtual wallet, and Coincheck reporting more stolen assets than MtGox did in 2014. Given that bitcoin could recover and hit $60,000 sometime this year, security has become a big issue for this type of investment and for cryptocoin mining as well. However, with a little common sense and caution, the risk is minimal. What is mining? Unlike the coins and banknotes we carry in our pockets, which are issued by central banks, cryptocurrencies are virtual. They can be transferred across the network and are secured by alphanumeric strings called “hash.” To create virtual currencies, protect them and keep them functional, the mining process uses software that connects computers to a mining pool, making it possible to leverage the power of several devices at the same time. The processors work 24/7 to keep the currency going. The transactions (blocks) are then correctly added and recorded on the blockchain, which is a public document that lists all transactions—and it’s also a real headache for financial institutions and governments. Miners contribute their computers’ processing power to the network and are paid in cryptocurrency. Day after day, these profits add to the amounts already in circulation. Mining is rarely done alone because it uses a lot of power and is not very profitable. Instead, pools or farms do most of the work. There is power in numbers, and in mining it increases both the processing power and speed (i.e. hash rate). More calculations = more blocks added = more profits. ¯\_(ツ)_/¯ When hackers target miners Clearly, mining isn’t totally safe and provides an opportunity to attack honest individuals whose computers are connected. In fact, it is becoming increasingly common for the CPU (processer) of a computer to be “taken hostage” so that it can be used for mining, without the computer’s owner even knowing about it. For instance, this can be done with Coinhive. This simple script discreetly mines Monero (one of the many forms of crypocurrencies out there). You’d never even know it was there. If your computer lags x 1000 and your electricity bill skyrockets, you might inadvertently be making cryptocurrency. And the worst part is that you won’t see any of the bitcoins that your computer is generating. According to a handful of experts, we can expect this CPU-borrowing trend to increase in 2018. After Youtube, The Pirate Bay and several government sites, we could even see a broader range of websites and platforms used for cryptocurrency mining. Currently, none of the available browsers offers protection against this type of activity, but there are solutions like No Script extension for Chrome, Firefox and Opera. You can also turn to traditional ad blocking services like 1Blocker, uBlock Origin and Adblock Plus. These can help relieve stress, since they minimize the chances that someone will get rich off your back. Helpful definitions courtesy of bitcoin.org: Hash: One of the essential components of BTC security is the SHA 256 hash function. It’s a mathematical function that uses a compilation of data (words, numbers, characters) to create a unique output value called a “hash.” Block chain: The block chain is a public record of Bitcoin transactions in chronological order. The block chain is shared between all Bitcoin users. It is used to verify the permanence of Bitcoin transactions and to prevent double spending. Block: A block is a record in the block chain that contains and confirms many waiting transactions. Roughly every 10 minutes, on average, a new block including transactions is appended to the block chain through mining.Beware of Ransomware
By Marc-André Gagnon, information security specialist. How much would you be willing to pay to recover your term paper? Your family photos and videos? Your business documents? Those are the questions you’ll have to answer if you fall victim to ransomware, a type of computer virus that is striking more than ever before. Ransomware uses industry best practices to block access to your data by encrypting it. That means you can’t access your files without decrypting them—and you’ll need a decryption key to do it. The creator of the virus may (or may not) provide you with the decryption key in exchange for a ransom, which is usually paid using virtual money (i.e., Bitcoin). In dollars, you can expect to pay anywhere from $500 to $1,000 for a typical ransom. Ransoms charged to businesses are much higher, reaching $10,000 or more. You usually have 24 to 72 hours to pay, and the ransom amount may increase as time passes. It’s easy to see how this kind of extortion is very lucrative for fraudsters. Figure 1 - Ransom message used in the WannaCry attack Don’t let your guard down Like with any virus, there are lots of ways your computer can become infected with ransomware, including: Email containing an infected attachment or link Software downloaded from a non-official site (e.g., BitTorrent) Legitimate websites that are temporarily compromised may prompt you to download malware (e.g., a fake Adobe Flash update) Being on the same network as an infected computer, especially if your device doesn’t have the latest updates Malicious apps downloaded from Google Play Store or Apple App Store Windows and Android platforms are targeted most often, though there are some variants for Apple OSX and iOS. What does this mean for you? Remaining vigilant is essential, as is having an enabled, up-to-date virus checker. There are no more excuses, especially since Microsoft offers Windows Defender for free. What to do if you get infected Before you do anything else, disconnect your USB key, hard drive and network cables, and turn off your WiFi. The idea is to prevent the ransomware from encrypting the data on your synched drives (Google Drive, OneDrive, iCloud, Dropbox, etc.), peripheral devices and other devices on your network. If you have a corporate workstation, or if you are simply at the office, let the tech support team know right away. Encrypting information takes time, so if you have just been infected, you may be able to limit the damage by shutting down your computer. Do not pay the ransom. There’s no guarantee that you will get your data back. Don’t forget that you’re dealing with a dishonest fraudster, so don’t expect great after-sales service! In fact, some types of ransomware don’t even allow decryption after payment. They’re bluffing! If you can, bring your computer to a repair centre to see if some files can be recovered. Some ransomware is worse than others. At the end of the day, the only 100% viable strategy is to reinstall and restore your backed-up data. You have backed up your files, haven’t you?
