In early 2018, the cryptocurrency market hit unprecedented levels, leading to a boom in cryptocurrency mining, both legal and illicit. And now, while the dizzying highs of cryptocurrency prices and the bitcoin bubble have crashed back down to reality, criminals are still making a killing by using cryptojacking to mine lesser-known alt-coins such as Monero.

What is Cryptojacking?
Cryptojacking works by—you guessed it—hijacking other people’s processing power and using it to mine cryptocurrencies. This is typically achieved with scripts that run behind the scenes on websites, though it’s also possible to hijack machines and servers to run full-blown cryptocurrency mining software, which is either installed by malware or by rogue employees.

How Much of a Threat is Cryptojacking?
But beyond being the newest cybersecurity buzzword, is cryptojacking really a threat? Short answer: Yes.
Recent reports have shown exactly how profitable cryptomining can be. In one instance, hackers created a botnet of cryptominers, dubbed “Smominru” by security researchers, that controls over 520,000 machines—that’s nearly as large as the Mirai botnet that nearly broke the internet in 2016—and amassed nearly $2.3 million in cryptocurrency. That’s a hefty profit, and it creates strong incentive for others to follow. And it seems that many have …
And the cryptojacking epidemic doesn’t just cost victims resources, it can actually destroy their equipment. One type of Android malware, called Loapi, mines cryptocurrency so intensely that it can actually cause physical harm to the device that it runs on.
With all this in mind, I’d say it’s safe to say that the cryptojacking threat is real, and it’s not going anywhere. So, how do you secure your network from cryptojackers who want to burn your resources—whether they’re hackers running in-browser mining scripts, or rogue employees looking to take advantage of powerful computing systems?

Basic Steps: Patch Your Systems
This is a fundamental first step to protecting yourself from thousands of attack vectors—and something you should be doing anyway—but it’s worth repeating: always keep your machines patched and up-to-date. ESPECIALLY if the patch notes mention any kind of security vulnerability.

Block Your Attack Vectors
While patching is a critical step, even a fully patched system can be vulnerable if a user visits the wrong site, or installs the wrong app, and that’s why it’s important to take a multifaceted approach to blocking cryptojackers—especially those that run in-browser.

Monitor for Abnormal GPU and CPU Usage
While the methods outlined above will certainly keep you better protected than doing nothing, the truth is that there’s no silver bullet for keeping cryptominers off of your network. There is, however, one sure thing. You can monitor for, and identify misbehaving machines, and then address the issue from there.

Webinar 15th April 10.00-11.00
We invite you to Join us 15th of April for our “How To Detect And Stop Cryptomining On Your Network” webinar hosted by Ipswitch
10.00 – 11.00 – Register for the webinar at atm@it2trust.com


You can also get news about IT-security sent directly to your inbox – via our e-newsletter News2You.
News2You is targeted to both resellers and end users – and contains the latest within IT-security and Networking solutions – as well as invitations to seminars and other events we host.

Do you wish to receive News2You in the future, please send os an e-mail to news2you@it2trust.com