Unfortunately, cryptojacking isn’t a new concept, as attacks of this type have been happening for a number of years. It is when malware or a secret script is placed in a hardware device or piece of software – such as a router, pen drive, or plugin. Once this malware or script is triggered, the victim’s device will then begin using spare CPU or GPU power to mine cryptocurrencies. While this style of attack now only works on cryptos with a lower mining difficulty – such as Monero – it is still a popular attack amongst the crypto underworld. If the attackers can gain enough CPU power, they can mine a considerable amount of Monero before their script is snuffed out and removed.
Mikrotik Vulnerability Abused
Routers made by Mikrotik – a Latvian networking company – had a fatal flaw in them that enabled people to gain unauthorized admin access to the router, enabling them to then install anything they want on top of the router’s firmware. The flaw was patched in April 2018, but not all users updated their routers. Updating your router is often the last thing most internet users think about, and leaving a router without firmware updates can be dangerous. It is estimated that around 200,000 of its routers had not been updated and thus were compromised in the attack.
Popular Sites Have Begun Cryptojacking
While the cryptojacking script on TPB was purely innocent and designed to help boost revenue, it still poses a threat to unaware users. For example, TPB set the threshold – max CPU power it would steal – to 0.9 (90%). If a user left a tab with TPB open, they would give up to 90% of their total CPU power to TPB to mine Monero. The issue here is that it can cause excessive temperatures on the CPU and around the CPU if the user doesn’t have adequate cooling, this then leads to shorter lifespan of components.
Possibly the Future of Advertising
The prominence of ad blockers has left free content sites running scared. The cost of hosting, maintenance, and great content is increasing all the time, and ad blockers are causing revenues to fall. Apart from becoming paid subscription sites, these free to use sites are running out of options, and cryptojacking provides a solution. While cryptojacking probably isn’t the correct term for it, in essence it’s exactly the same, just with the user’s permission. Salon.com use a Monero mining script and give users the ability to give 30% of their CPU power in return for free content, or they can browse the site without donating CPU power. This could be the solution for many free to use sites all around the globe if they wish to remain “free”.
China is still reeling from a two-year long attack that saw over 1 million computers compromised and nearly $2 million of various cryptos mined illegally. Cryptojacking is proving the most popular form of attack in the crypto world lately, and it will only get worse. Stay tuned to BitStarz News as later this week we will teach you everything you need to know about keeping yourself safe from cryptojackers.