These tips can help you with detection and prevention.

There’s no doubt that we all live in a progressively digital world. As such, online financial transactions have become the norm for buying goods and services. And  many companies have adopted cryptocurrency as a payment method for purchasing their products and services online.

The popularity of this digital currency also means that cybercriminals have quickly found ways to turn cryptocurrencies into a money-making opportunity. Cybercrime against companies and personal computers continues to be on the rise, with cryptojacking yet another way that cyberhackers use a low-risk technique to secretly mine for cryptocurrencies or steal from digital wallets.

As a private lender, it’s important for you to know whether a potential client uses cryptocurrency in their business transactions. There is still much to be confirmed about the security and stability of cryptocurrency and the methods hackers use to steal from digital savings. That’s not to say that you should have a negative view of cryptocurrency. It’s just important to ask the right questions to ensure they have the proper security and monitoring solutions in place.

No company is too small for a cryptojacker to target, especially if you aren’t aware of the signs your computer and power resources could be used to mine currency for someone else. Here’s what you need to know about cryptojacking and how you can protect yourself and your clients against this new wave of cybercrime.

Cryptocurrency Definitions

Cryptocurrency // Although bitcoin is the most recognized cryptocurrency, there are more than 2,995 other types of currencies on the market, including Litecoin, Bitcoin Cash and Zcash. Used much the same as a token in exchange for products and services, cryptocurrency works using a blockchain—technology that prevents digital transactions from being backdated or double-recorded. In fact, the popularity of cryptocurrency blockchain technology is lending itself to numerous industries, including real estate and tokenization as a liquid asset.

By being encrypted for computer processing when used, cryptocurrencies are time-stamped, creating a secure block of data in a ledger that is open and shared when you have access. Each of these blocks holds specific information, such as the number of coins used in the transaction and the names of both the receiver and the sender. Each block also contains a “hash,” a mathematical algorithm that creates a 64-bit string of characters that points to the previous block in the chain, preventing it from being modified.

Cryptomining // When cryptocurrency transactions take place and are added to the blockchain, a process called cryptomining goes into play. The information in the blockchain is updated and verified by a cryptocurrency miner using vast amounts of computing power and processing. For their efforts, cryptominers earn their own cryptocurrency for their services.

What Is Cryptojacking?
Cryptomining is resource and time intensive, requiring a lot of computer power. But cybercriminals have found a way to hack into personal and company computers and other devices to use these resources.

By installing software that runs a special code, cyberhackers use computer power behind the scenes to mine for cryptocurrencies. Without being aware of the signs that your computer has been hijacked, you may never know that your computer is being used for malicious intent. Cybercriminals silently steal cryptocurrency that they can easily put into their own digital wallet without fear of detection.

How Cryptojacking Works
Cybercriminals use one of three different methods to illegally mine for cryptocurrencies.

01  Cryptomining scripts // Often sent as an attachment or a link in an email, cryptomining scripts run in the background of your computer without being noticed. Known as “file-based cryptojacking,” hackers use malware to install and run an executable file on your computer. Within the file is a script that spreads throughout your computer and network.

02  Browser-based cryptojacking // Cryptojacking can also happen right in your web browser. Cybercriminals develop a script for cryptomining that they embed into websites, placing them into ads and unsecure and outdated WordPress plugins.

03  Cloud cryptojacking // Cryptojacking can also be done through the cloud, as cyberhackers gain access to your cloud services. Criminals hack into your computer code and files looking for API keys that give them entry to any cloud apps and services that you’re using. The high computing resources of cloud services give hackers a great deal of processing power to mine for cryptocurrencies.

The Cryptojacking Process
Once cyberhackers have gained entry to your computer, they can use computer resources for illicit cryptojacking. Here’s how the process works:

01  Your computer is compromised as a cryptomining file is installed.

02  After the file is executed, cryptomining script runs in the background of your computer without your knowledge.

03  Your computer resources are used to solve the complicated algorithms that make up each of the blocks in the blockchain of cryptocurrencies.

04  Working anonymously and with little risk, cyberhackers are rewarded with cryptocurrency in their own digital wallet every time they’re able to add another block to the chain.

6 Tips for Detecting Cryptojacking Attacks
While ransomware continues to be a huge risk, cryptojacking is now one of the biggest threats to your business, organization or personal computer. It’s important that you know how to detect when cryptojacking is happening to you. Here some detection tips:

01  Decrease in computer performance // As cryptojacking scripts run in the background, you may notice a decrease in computing performance on PCs, tablets, laptops and even your mobile phone.

02  Overheating // Cryptojacking scripts are extremely resource-intensive and can cause your devices to overheat. Pay attention to overheating computers and cooling fans that run continuously. Overheating can cause considerable computer damage and shorten the life span of your devices.

03  Increased CPU usage // Stay on top of your CPU (central processing unit) usage, both in your business and at home. By regularly using the Task Manager or Activity Monitor, you can assess whether there’s an increase in usage even when you’re visiting an online website that has no media content.

04
Monitor coding changes // If you have business or personal websites, regularly check for any changes in the files or coding. Cyberhackers will embed cryptojacking script in vulnerable websites—detecting any cryptomining code early can keep your computer devices safe.

05  Regularly scan for malware // Cyberhackers use malware to infect your computer with cryptojacking script. Using strong anti-virus software and regularly running a malware scan can help you detect whether your computing devices have been infected.

06  Stay up to date on crypto information and news // Cyber criminals are always implementing new methods for cybercrime. Take the time to read about the latest in cryptojacking so you’re up to date with the current trends. Use reliable sources, such as TodayOnChain and CoinDesk.

Prevention Methods
Even by employing the previous tips for detecting cryptojacking, it’s not always easy to know whether you’ve been compromised. Use the following prevention tips to protect your business and personal computers.

Training // Both you and your IT team need to be trained to detect a cryptojacking attack. The sooner you can recognize the signs of cryptomining in the background of your computing devices, the quicker you’ll be able to take the steps to remove the threat and prevent future risk.

Education // Education is key when it comes to preventing cryptojacking on your computer. Both you and your employees need to be trained to recognize when your computing devices are overheating or running slowly. Training also involves knowing the risks of clicking on links or downloading attachments in an email on business and personal computers. Talk to your clients about these risks when emailing secure information.

Use browser extensions //Because cyberhackers can embed cryptojacking scripts in web browsers, using browser extensions can give you added security. Specific browser extensions to block cryptomining include Anti Miner, minerBlock and No Coin.

Use ad-blockers // Online ads are another spot that hackers use to embed cryptomining code. Ad blockers can block malicious scripts from running on your computers.

Disable JavaScript // Another way to prevent cryptomining scripts from taking over your computer is to disable JavaScript in your internet browser. Keep in mind that some features of a website require JavaScript, so disabling may block some of those features.

Questions to Ask Potential Clients
Below are a couple of questions you can ask a potential client about the security measures they have in place.

  • Does your business use or accept cryptocurrency in any capacity?
  • What protocols do you use to protect your crypto assets?
  • Does your IT team actively monitor for cryptojacking scripts and infections?
  • Do you have official employee security training? What does that cover?
  • Do you have any cyber insurance in place?

Cybercrime continues to be one of the biggest security risks for businesses and individuals. Cryptojacking, with its massive potential for profit, will keep giving hackers the incentive to siphon resources from your computing devices.

Use the tips and advice here to minimize the risk for your private lending business and your clients. Make sure to keep up to date on cryptojacking detection and prevention techniques so you can protect your business and personal computer networks.