An Investigation of Crypto jacking: your device can be used for mining

Author: Muhammad Asad Ul Rehman

This is a story from a forensic investigation I did a few days ago, so I thought I’d share it: a piece of malware in the wild. Users cannot imagine that their device can be used for crypto mining.

An IT professional approached me about his machine making noise and running very slowly. I asked him to check the RAM and processor status. He said that he was not using any application, but the processor and RAM were fully utilized. So, what exactly is the issue?

In crypto jacking, hackers mine cryptocurrency without paying for electricity, hardware or other mining resources: another party’s computing resources are hijacked and used to mine cryptocurrency.

According to the European Union Agency for Cybersecurity’s (ENISA) annual report, crypto jacking was the third most prevalent cybersecurity threat in 2021. Google’s Cybersecurity Action Team found that 86% of its observed compromised cloud platforms resulted from crypto jacking. In 2020, Cisco reported that 69% of its customers were affected by crypto mining malware.

How does it work?

Crypto mining is the way new coins are created and encrypted on a blockchain. Cryptocurrency miners solve cryptographic puzzles, validate transactions and earn cryptocurrency.

Crypto jackers use the processing power of the victim’s machine to perform complex mathematical operations. After performing the operations needed to mine cryptocurrency, the victim’s machine sends the results to the crypto jacker’s server. The miner runs quietly in the background, redirecting the victim’s processing power toward illicit crypto mining tasks. Mostly it does not damage the victim’s device, but in some cases it can. When crypto jackers target a large number of victims, they use only a small amount of each victim’s processing resources.

Modes of Crypto Jacking:

There are two modes of crypto jacking attack: web browser-based and host-based. A web browser-based attack occurs when the victim visits an infected website. In a host-based attack, the hackers use malware that gets downloaded onto the victim’s device through a social engineering technique.

Symptoms of crypto jacking:

  • Overheating of device.
  • The fan runs faster than normal and makes noise.
  • Device performance slower than usual
  • High electricity/ battery consumption
  • Above average CPU usage
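
The CPU symptom can be checked from per-process CPU samples taken while the machine is idle. The following is an added example, not part of the original investigation: it flags a process that keeps the CPU fully utilized and also one that holds a low but unusually flat load, the pattern left by a miner that takes only a small share of each victim's resources. The sample data, process names and thresholds are constructed assumptions.

```python
from statistics import pstdev

# Constructed samples: per-process CPU % taken once a minute while the user
# is idle. Process names and values are made up for illustration.
SAMPLES = {
    "browser.exe":    [2, 35, 1, 0, 60, 3, 1, 0, 2, 1],
    "updater.exe":    [0, 0, 95, 90, 0, 0, 0, 0, 0, 0],
    "svc_host32.exe": [97, 99, 98, 96, 99, 98, 97, 99, 98, 99],
    "helper.exe":     [24, 25, 26, 25, 24, 25, 25, 26, 24, 25],
}

# Assumed thresholds; tune them against a baseline of the machine.
HIGH_CPU = 80        # percent counted as "fully utilized"
SUSTAINED = 0.8      # fraction of samples that must reach HIGH_CPU
THROTTLED_MIN = 15   # a capped miner still never drops below this floor
MAX_JITTER = 3       # std-dev at or below this means an unusually flat load


def classify(cpu_series):
    """Return 'sustained-high', 'steady-throttled' or None for one process."""
    if len(cpu_series) < 5:
        return None  # too few samples to call anything sustained
    high = sum(1 for v in cpu_series if v >= HIGH_CPU) / len(cpu_series)
    if high >= SUSTAINED:
        return "sustained-high"
    # Normal idle processes fall back to ~0%; a throttled miner does not.
    if min(cpu_series) >= THROTTLED_MIN and pstdev(cpu_series) <= MAX_JITTER:
        return "steady-throttled"
    return None


def suspicious_processes(samples):
    """Map process name -> (verdict, average CPU %) for flagged processes."""
    findings = {}
    for name, series in samples.items():
        verdict = classify(series)
        if verdict:
            findings[name] = (verdict, round(sum(series) / len(series), 1))
    return findings


if __name__ == "__main__":
    for name, (verdict, avg) in suspicious_processes(SAMPLES).items():
        print(f"{name}: {verdict} (avg {avg}% CPU while idle)")
```

A flagged process is a lead for investigation, not proof of mining: a backup or indexing job can look the same, so confirm what the binary is and where it came from.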

How to prevent crypto jacking?

  • Use strong cybersecurity protection.
  • Beware of phishing links.
  • Don’t download applications from unknown sources
  • Use anti crypto jacking browser extensions.
  • Use ad blocker and disable JavaScript.
  • Secure servers and cloud configurations.
  • Use software composition analysis (SCA).
  • Block infected sites.
  • Stay up to date.

Muhammad Asad Ul Rehman

Cyber Security Expert

Cyber Security of Pakistan

www.masadrehman.com
