From CryptoMarketsWiki
Jump to: navigation, search

Cryptojacking is the colloquial term for a type of hacking attack related to cryptocurrency mining.[1]


Cryptojacking is the process by which a hacker gains unauthorized access to another user's computer, tablet, mobile phone, or similar device in order to install and run software to mine cryptocurrency, such as bitcoin or Monero.[2][3][4] When a digital currency is successfully mined this way, the resulting digital token is transferred to the wallet of the hacker, rather than the owner of the device. These attacks can happen through malicious emails, phishing tactics, or malicious ads on websites, which conduct cryptojacking operations using the victim's browser.[5]

Since the massive price spike for bitcoin in late 2017, cryptocurrency mining increased by about 34,000 percent of rates from previous years. This increase in the profitability of mining and the resulting increase of mining rates were followed immediately by cryptojacking attacks increasing 8500 percent, according to an Internet security threat report published by the Symantec Corporation.[6][7] In 2018, cryptojacking attacks had increased 459 percent by September. According to a report published by the Cyber Threat Alliance in September 2018, the most cryptocurrency most commonly mined in these attacks is Monero.[8][9]

Cryptojacking attacks on Indian government websites

In September 2018, the Indian government discovered the presence of cryptojacking software embedded in official government websites, including municipal websites for the Indian state of Andhra Pradesh. The operators of the websites allegedly became aware of the cryptojacking JavaScript codes on September 10, but continued to operate the sites as of September 16.[10] To date, 119 Indian websites, including many government websites, have been found to contain the cryptojacking malware Coinhive.[11][12]

NSA technology used for cryptojacking

In 2017, an NSA-developed hacking tool called EternalBlue was stolen and published online. This hacking software is designed to break into almost any Windows machine in the world. The U.S. government has traced many of these attacks to individuals in Russia and North Korea.[13][14][15]

Monero Malware Response Workgroup

In September 2018, Monero announced the formation of the Monero Malware Response Workgroup. The workgroup created a website dedicated to educating not just Monero users, but the general public on how to remove cryptojacking malware from their devices and prevent them from future infection. The site also offers detailed explanations of the basics of Monero mining.

The announcement was written by Justin Ehrenhofer, head of the new workgroup. In the announcement, Ehrenhofer explained that the two primary reasons why hackers tend to prefer to use Monero in their attacks are its anonymity, and the proof-of-work model used by its blockchain, which is particularly advantageous for hackers. He also made a point of openly condemning the practice on behalf of the greater Monero community: "The Monero community condemns this malicious, non-consensual use of equipment to mine. Unfortunately, the Monero network itself actually benefits by having a wide set of stakeholders mine, since the network's security is afforded through a distributed set of users."[16][17]