Cryptojacking, the unauthorized use of computing resources for mining of cryptocurrencies, has caused massive disruption, with websites of high profile institutions like police forces, and servers of huge organizations being targeted.
A report released on March 28, 2018, by Symantec indicates increased instances of mobile crypto jacking.
Quantity, not Quality
However, even much smaller devices like your mobile phone can be susceptible to these malicious scripts.
Covert miners are nothing new, but browser-based crypto-jacking saw a 34,000 percent jump last year, according to Symantec, who claim that it was the largest trending attack of 2017.
Much of this has targeted mobile devices and personal PCs, which although might not seem very lucrative, having a limited amount of processing power, is made profitable by the sheer economy of scale.
Sherif Nabawi, senior director at Symantec Asia-Pacific, commented:
“It’s a game of mass – the more you infect, the more money you generate. [One] mobile phone or one computer running 24 hours might generate anything between 1 to 25 cents [But] if you multiply that by 100,000 infected devices, you get $25,000 overnight.”
What is profit for the thief, however, is a significant inconvenience for the victim. An infected device is rendered extremely sluggish with battery-life rapidly deteriorating and their CPU being maxed out.
Symantec stated in the report that the scripts could overwork the CPU to such an extent that it causes “batteries to overheat and devices [can] become unusable.”
This development can be a troublesome issue for individuals, but for organizations, it can be catastrophic.
Covert coin miners can put corporate networks at risk of shutdown, and run up astronomical bills for companies that are billed based on CPU usage.
The rise in crypto-jacking has corresponded with an increase in the general popularity of cryptocurrency.
As investors feel the FOMO, cybercriminals have rushed in to capitalize on the cryptocurrency craze, moving on from less profitable and increasingly crowded ventures like ransomware.
However, web browsers have begun to fight back, and late last year Opera announced anti-crypto mining measures would be integrated into their desktop web browser, a feature which has also since been incorporated into the mobile browser: A defensive move in the face of yet another invisible internet threat.
According to ESET senior research fellow Nick FitzGerald, the crypto jacking trend looks set to continue:
“Globally, people are still interested and investing in cryptocurrency. As long as this continues, the value of these virtual currencies seems likely to continue to increase, so crypto jacking will continue as cybercriminals see this as easy money.”