Hyderabad: Hackers are earning money (cryptocurrency) merely by using resources like the CPU and RAM of your PC, laptop, phone, router or any other smart device, through cryptojacking.
Several government websites, including the Tirupati and Macheriyal municipal websites, have become targets of cryptojacking. About 19,846 Indian homes which use Microtek routers are affected by cryptojacking software, according to Shodan.io, a search engine.
McAfee’s latest Quarterly Threats Report revealed that cryptomining malware surged 86 per cent in the second quarter of 2018, and a similar trend is being observed in India.
Security researcher Indrajeet Bhuyan, explaining this phenomenon, said, “Crypto-jacking started last year and there is no good mechanism to detect it. By mining cryptocurrency, miners get commission.”
He said mining with a single laptop becomes difficult. “So people have started using others’ laptops by putting scripts. If they put a script in a website which is visited by 1,000 users, then the resources of all the 1,000 users can be used to get cryptocurrency,” he said.
About 19,000 Microtek devices have been compromised. Through the router it spreads to user computers. “Earlier it was 13,000, now it has increased, which means many people are not updating their systems. There must be a lot of awareness,” Mr Bhuyan said.
Experts say that cryptojacking is a serious issue and patches or updates need to be applied regularly.
This kind of attack neither needs your data nor infringes on your privacy; all it needs is CPU power.
Mr Krishnapur added, “Users need to look for glitches related to either performance, overheating, or failing components. Determining the cause of a device or server being stressed is not easy; however, that's a good place to begin. Also, other indicators like unknown processes or unknown images being downloaded can help you trace the path to a mining script.”
Coinhive is the most common script being used. There are some browser plug-ins like “nocoin” which will block your computer from becoming the target of such attacks. However, if a hacker writes his own script, then such plug-ins cannot detect it.
Mr Krishnapur suggests that “in case of a breach, delete all applications that you haven't used over the past six months.” He suggested downloading apps/software from legitimate sources, using strong passwords, avoiding public Wi-Fi networks, and securing devices with comprehensive security software.
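The blocklist approach mentioned above for Coinhive and plug-ins like “nocoin” can be sketched as a check a site owner runs over a page's HTML. This is an added example, not code from the article or from any plug-in; the two-entry blocklist, the function names and both sample pages are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Illustrative blocklist (assumption): real blocking plug-ins ship much longer lists.
BLOCKED_HOSTS = {"coinhive.com", "coin-hive.com"}


class _ScriptSources(HTMLParser):
    """Collects the src attribute of every <script> tag in a page."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)


def is_blocked(src):
    """True if the script URL's host is a blocklisted domain or a subdomain of one."""
    host = (urlparse(src).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in BLOCKED_HOSTS)


def audit_html(html):
    """Return the script URLs in `html` whose host matches the blocklist."""
    parser = _ScriptSources()
    parser.feed(html)
    return [s for s in parser.sources if is_blocked(s)]


# Constructed sample pages, not taken from any real site.
PAGE_LISTED = """<html><head>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script src="//CDN.Coin-Hive.com/lib/miner.js"></script>
<script src="/static/site.js"></script>
</head></html>"""

# A page whose only script is served from the site's own path (no listed host).
PAGE_UNLISTED = """<html><head>
<script src="/static/analytics-helper.js"></script>
</head></html>"""

if __name__ == "__main__":
    print("listed page:", audit_html(PAGE_LISTED))
    print("unlisted page:", audit_html(PAGE_UNLISTED))  # empty list
```

An empty result only means no listed host matched, so it should be read together with the performance and unknown-process indicators quoted above rather than as proof that a page is clean.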