By Josh Elliott/Global News – Your computer or smartphone might be helping criminals crank out thousands of dollars in online currency, and you wouldn’t even know it.
A new hacking tool known as “cryptojacking” is on the rise, and it threatens to secretly use your computer to generate online money for cybercriminals.
In the latest case, the Russian online security firm Kaspersky says a downloadable program has generated more than $40,000 by operating in the background on victims’ phones, laptops and work computers. The program has been dubbed “PowerGhost,” and it has yet to be stopped.
Cybercriminals have also found ways to exploit victims’ computers through their web browsers. In one case from January, someone inserted a line of cryptojacking code into an advertisement on YouTube. Victims saw their computers slow to a crawl when the advertisement appeared, as their processors were hijacked to generate money for the cybercriminal.
Experts say potentially thousands of websites and hundreds of thousands of users have been affected by a form of cryptojacking, although its stealthy nature makes it hard to nail down concrete numbers.
Raj Samani, the chief scientist at antivirus-maker McAfee, says cryptojacking is “one of the fastest-growing areas of cybercrime.”
Here’s how to protect yourself in the new age of cryptojacking.
What are they stealing?
Anyone can “mine” their own cryptocurrency by using a computer to solve complex math problems. However, the process can be time- and energy-intensive, making it hard to turn a profit without a large operation or a cheap source of power.
Cryptojacking is all about generating cryptocurrency, an anonymous, decentralized form of online money that can be used to purchase a wide variety of goods and services from internet retailers.
With cryptojacking, hackers are essentially making their victims’ computers do all the work for them. They secretly force thousands of computers to solve math problems in the background, then have the resulting cryptocurrency sent to their own digital wallet. Each computer generates only a small amount of revenue, but their combined efforts can mean big bucks for the cybercriminal.
“It’s the theft of computer resources and it’s the theft of energy,”Troy Mursch – Bad Packets Report
“They’re stealing your resources to mine cryptocurrency for themselves, and that money goes directly into their pocket.”
This makes corporate networks particularly attractive for cybercriminals, because every computer on the network could be forced to mine cryptocurrency, he said.
“The individual device may not be making the guy rich, but when you rope all these together, … it starts to add up,” Mursch said.