Cryptojacking

From Wikipedia, the free encyclopedia
Part of a series on
Information security
vectorial version
Related security categories
Threats
Defenses
  • v
  • t

Cryptojacking is the act of hijacking a computer to mine cryptocurrencies against the users will, through websites,[1][2] or while the user is unaware.[3] One notable piece of software used for cryptojacking was Coinhive, which was used in over two-thirds of cryptojacks before its March 2019 shutdown.[4] The cryptocurrencies mined the most often are privacy coins--coins with hidden transaction histories--such as Monero and Zcash.[2][5]

Cryptojacking malware[]

Cryptojacking malware is malware that infects computers to use them to mine cryptocurrencies usually without users knowledge.[6][7][8] Cryptojacking (also called malicious cryptocurrency mining) is an emerging Internet threat that hides itself on a computer or mobile device, and uses the machine's resources to "mine" various forms of digital currencies known as cryptocurrencies. It is a burgeoning threat that can take over web browsers, as well as compromise all types of devices, from desktops and laptops to smartphones and even network servers.

Like most malicious attacks on the computing public, the motive is profit, but unlike other threats, it is designed to remain completely hidden from the user. To understand the mechanics of the threat and how to protect yourself against it, let's start with some background information. Cryptojacking malware can lead to slowdowns and crashes due to straining of computational resources.[9]


Notable Events[]

Microsoft Exchange Server[]

Main article: 2021 Microsoft Exchange Server data breach

In 2021, multiple Zero-day vulnerabilities were found on Microsoft Exchange Servers, allowing remote code execution.[10]

References[]

  1. ^ Larson, Selena (2018-02-22). "Cryptojackers are hacking websites to mine cryptocurrencies". CNNMoney. Retrieved 2021-04-17.
  2. ^ a b "Cryptojacking malware was secretly mining Monero on many government and university websites". TechCrunch. Retrieved 2021-04-17.
  3. ^ Caprolu, Maurantonio; Raponi, Simone; Oligeri, Gabriele; Di Pietro, Roberto (2021-04-01). "Cryptomining makes noise: Detecting cryptojacking via Machine Learning". Computer Communications. 171: 126–139. doi:10.1016/j.comcom.2021.02.016. S2CID 233402711.
  4. ^ "Coinhive domain repurposed to warn visitors of hacked sites, routers". BleepingComputer. Retrieved 2021-04-17.
  5. ^ Hwang, Inyoung. "What is cryptojacking? How to detect mining malware - MediaFeed". mediafeed.org. Retrieved 2021-05-11.
  6. ^ "What is cryptojacking? How to prevent, detect, and recover from it | CSO Online". 6 May 2021.
  7. ^ "What is Cryptojacking? Defined, Explained, Explored | Forcepoint". 24 January 2019.
  8. ^ "New Cryptojacking Malware Variant Targeting Cloud Systems Discovered - Infosecurity Magazine". 6 October 2020.
  9. ^ "Brutal cryptocurrency mining malware crashes your PC when discovered | ZDNet". ZDNet.
  10. ^ Palmer, Danny. "Cyber criminals are installing cryptojacking malware on unpatched Microsoft Exchange servers". ZDNet. Retrieved 2021-04-17.
Retrieved from ""