Why cryptojacking is an overlooked security threat

Ransomware attacks like WannaCry and NotPetya have generated reams of news coverage this year, but another form of cyberattack is quietly on the increase: cryptojacking.

Readily available JavaScript tools allow cryptojackers to harness the CPUs of phones, tablets, PCs and servers, and use this collated power to validate cryptocurrency transactions before other miners. Their Bitcoin (or altcoin if they're mining another cryptocurrency) reward for providing this service comes at someone else's expense – and that someone, whether an individual or organisation, often has no idea their processing power has been hijacked.

“You could be browsing a website they've taken over through malware or by adding some JavaScript, and without your knowledge, without your approval, your laptop or your iPad's compute resources are now being used for mining cryptocurrency,” says Varun Badhwar, CEO and co-founder of RedLock, which monitors Microsoft Azure, Google Cloud Platform, and AWS for security and compliance risks. “This [type of attack] can impact anybody and everybody across the globe, regardless of what kind of system you're on and how many compute resources you have available.”

Confused by cryptocurrencies? Check out: What you need to know about cryptocurrencies

Although mining malware has been around since 2013, the release of the Coinhive JavaScript miner in September, together with soaring cryptocurrency values, have made cryptojacking increasingly appealing to hackers. However, Coinhive itself was not created for malicious purposes: it was intended as means for websites to earn money by borrowing visitors' processing power to mine Monero, an untraceable cryptocurrency, instead of bombarding them with ads.

To continue reading...


« 101: The quantum vendor market race is hotting up


Everything you need to know about… Tech Careers »
Duncan Jefferies

Duncan Jefferies is a London-based freelance journalist who writes about technology, digital culture and sustainability.

  • Mail


Do you think your smartphone is making you a workaholic?