Best Practices for Fighting Against Cryptojacking

By: Sunil Sharma, Managing Director Sales at Sophos India & SAARC

Cryptojacking has recently got onto the cybercrime scene, thanks to the surge in value of cryptocurrencies such as Bitcoin, Monero, and Ethereum during 2017. When cryptomining is done illegally, without authorisation or certification, it turns into the aptly-named crime of cryptojacking.  A serious global problem, cryptojacking is the unauthorised use of someone else's computing power to mine cryptographic money. Criminals use different techniques and tricks to remotely gain access to target systems. In cryptojacking a malware could be introduced to an unsuspecting person’s computer through a malicious link sent via email. Once clicked, the malware loads the crypto mining code on to the computer. Alternatively, the malware could be hidden in various websites and online ads such that it automatically executes once loaded in a browser. Once the crypto mining code installs in the victim computer, it runs discretely in the background as the owners continue to use their computer normally and makes the system slow. CoinHive is an example of Cryptojacking as it’s a JavaScript program that hides on websites and when someone visits an infected site, CoinHive taps into their computer processing power to mine for cryptocurrency like Monero.

Follow these steps to minimize the risk of your organization falling fight cryptojacking:

To start with, you need to take a layered approach to protection to prevent cryptojacking.

1. Block websites hosting JavaScript miners both at the gateway and the endpoints.
2. Stop cryptomining malware at every point in the attack chain.
3. It is also important to keep web filtering tools updated.
4. Prevent cryptomining apps from running on your network.
5. Maintain browser extensions as some attackers are using malicious browser extensions or poisoning legitimate extensions to execute cryptomining scripts.

We also recommend that you:

• Always keep your devices patched to minimize the risk of exploit-related attacks
• Use mobile management technology to ensure that native mobile apps aren’t present on your mobile phones nor tablets

• • Educate your team:
    • Cryptomining is not an acceptable use of company resources or power
    • Explain traditional attack vectors of malware such as phishing and how they can protect themselves
  • Maintain a strong password policy
  • Keep an eye out for the signs that you’ve been cryptojacked:
    • Slow network
    • Soaring electricity bill

• Spike in CPU consumption