What Is Cryptojacking?
Cryptojacking is a form of cyberattack in which a hacker hijacks a target's processing power to mine cryptocurrency on the hacker's behalf.
Cryptojacking has become an increasingly popular way for bad actors to extract money from targets in the form of cryptocurrency. Widely publicized hacks such as the WannaCry worm, which affected systems on several continents in May 2017, encrypted victims' files and demanded cryptocurrency ransoms—bitcoin, in the case of WannaCry—to decrypt them.
Cryptojacking takes a different approach, harnessing victims' machines to "mine": perform the computations necessary to update cryptocurrencies' blockchains, creating new tokens and generating fees in the process. These new tokens and fees are deposited to wallets owned by the attacker, while the costs of mining—electricity and wear and tear to computers—are borne by the victim.
Examples of Cryptojacking Attacks
In February 2018, a Spanish cybersecurity firm, Panda, wrote that a cryptojacking script known as WannaMine had spread to "computers around the world." The malware was being used to mine monero, a cryptocurrency that is notable for its ability to mine using CPUs (as opposed to GPUs or ASICs) while having some value in fiat terms.
Later the same month, governments in Britain, the U.S. and Canada were affected by a cryptojacking attack that took advantage of a vulnerability in a text-to-speech software embedded in many of these governments' sites. Attackers inserted Coinhive script into the software, allowing them to mine monero using visitors' browsers.
Browser mining is becoming an increasingly common practice. The lines between cryptojacking and legitimate practice are not always clear. Coinhive is often described as malware, but Salon recently partnered with its developers to mine monero using visitors' browsers—with their permission—as a way of monetizing the outlet's content when faced with adblockers.
Some experts have cited the potential of browser mining as an alternative to ad-based monetization: in essence, legitimized cryptojacking. Such proposals are extremely controversial, given the potential costs to users in terms of power consumption and damage to hardware.
Later in February, it was revealed that Tesla Inc. had been the victim of cryptojacking when its Amazon Web Services software container was compromised. Similar attacks on companies have been reported going back to October 2017.