CRYPTOJACKERS AND MINERS1 Cryptojackers and Miners Student Name Institutional Affiliation
CRYPTOJACKERS AND MINERS2 Executive Summary Cyprojacking malware is increasing every day and thus, the need for the users participating in cryptocurrency should take extra caution. This document will focus on CryptoSpringMalware which is a cryptojacking malware that delivers malicious links by infecting social media accounts and steals login credentials and web accounts allowing it to inject crypto mining scripts in to the web pages. It utilizes miscellany methods to infect cryptocurrency trading platforms when the users access them on an infected browser and uses Facebook messenger to propagate it. The users should stop loading links that have been shared to reduce the risk of falling in to such traps. Many browsers have implemented safe browsing features to protect the users from being tricked by attackers. Crypto mining does not only target computers but also mobile devices such as tablets and phones. The legal consequences of such actions are not clear even if the unwelcomed and intrusive nature of cryptojacking is evident. With the possible impair access of information, overheated machine, and economic sabotage, crypto jacking has clearly become one of the biggest threats facing cryptocurrency businesses in the form of malicious advertising and is a quite hard to deal with it using the existing legal framework.
CRYPTOJACKERS AND MINERS4 Introduction Crypto jacking is an illegal activity where attackers use another person’s computer to mine cryptocurrency. Attackers achieve this by enticing and tricking computer users to click on a particular link that that executes crypto mining code on their computer, or injecting a JavaScript code to a website that pops up and executes automatically when loaded in the browser. It is not yet certain the amount of cryptocurrency that hackers mine by carrying out crypto jacking, but there is no doubt that the practice is on the rise. However, it is important to note that the rapidly growing type of crypto jacking is browser-based. A research done in 2017 revealed that more than 35000 websites were running crypto mining scripts and had more than 1 billion visitors combines (Brewer, 2016). The concept of crypto mining is still new and there is still room for evolution and growth. For instance, it is easy to generated more than $300 using coinhive in the first month. One major reason why crypto jacking is on the rise is because it is easy to get money. Cyber security researchers in January 2018 discovered a crypto mining botnet called Smominru which infected more than 500000 computers, majorly in India, Russia, and Taiwan. Windows servers were the target of the botnet. Crypto jacking does not require proficient technical expertise. The driving force of crypto jacking that is making it more popular among the hackers is because of the minimal risk involved while making more money and find it more profitable as compared to ransomware because it generates money continuously (Broadhurst, et al., 2018). Additionally, the probability of being identified or getting caught is much less as compared to ransomware. Crypto mining code can go undetected for a very long time because it runs surreptitiously and once identified it is very challenging and difficult to trace the source. Attackers have to major ways of getting into the computer of the victim to mine crypto currency secretly. One way is through phishing where the attacker sends an email that looks legitimate and tricks the victim into clicking the link on the email which once clicked the crypto mining code loads on the computer and continuously run while the victim works on his/her computer (Sigler, 2018). The second method is by injecting crypto mining scripts on several websites which entices the users and visitors to click on it. Once the user opens their browser, the script is executed automatically. In this method, no code is store on the computer of the victim rather the code executes mathematical problems that are complex and transmit results to the hacker’s
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Operations Management Problemlg...
|12
|2547
|114
Understanding SQL Injection, Insider Attacks, and Malware Threats for Enhanced Cybersecuritylg...