What is cryptojacking?

26 June 2018

Interview with

Chris Folkerd - UKFast

As our lives increasingly shift online, and computers continue to take over the planet, hackers and spammers and other dodgy operators are finding progressively more ingenious ways to separate us from our cash. And their latest ruse is to steal your electricity; not directly - but, instead, by getting your computer doing lots of power-hungry complicated calculations, the results of which they then sell to make money for themselves leaving you pay the power bill. And they’re hiding the system that does this in normal webpages and even online adverts so it’s really easy to fall victim without even realising. They call it “cryptojacking” and Chris Smith spoke to Chris Folkerd from web hosting company UKFast...

Chris F - My name is Chris Folkard. I’m the Director of Enterprise Technology here at UKFast.

Cryptojacking is the latest trend. Last year we saw a lot of cryptolocker where people were using cryptography to lock people’s machines and then extract payment. This year it’s changed to using their computers to generate money automatically rather than trying to get customers to pay.

Chris S - So this is the whole concept of mining for Bitcoins isn’t it?

Chris F - Yes.

Chris S - I suppose we should explain first of all what actually is cryptocurrency and how does it work?

Chris F - Cryptocurrency has been around for the last ten odd years and it’s a different way of representing currency. Traditionally it’s gold coins, it was something that you could handle. Nowadays people are moving to a more electronic form. There’s no inherent value to cryptocurrency; it’s got a value because people have decided it does. And all it is is a small package of information that can uniquely prove as yours and you can subdivide and trade with other people, and that’s all done with cryptography.

Chris S - Where do you get Bitcoins from? How are they made or minted?

Chris F - The easiest way for people to get them is to now buy them online. There’s exchanges where you can by your cryptocurrency. All they are is, effectively, a payment from a computer as a thank you for processing some work. So a Bitcoin is known as a distributed ledger, so it’s basically an account book and your PC will get a thank you for processing a part of that ledger and validating that it’s true. But as there’s more devices mining for it the maths behind it gets harder and harder so the value goes up because you have to do a lot more work to get the same reward.

Chris S - One statistic I saw was that actually mining for Bitcoins - so doing these computer calculations - leads to emissions of more CO2 from data centres than the whole of the country of Ireland!

Chris F - There’s been a lot of speculation around that. It certainly is a CO2 intensive operation. If you look at people who are doing it semi-professionally nowadays, they have extremely large numbers of arrays that are doing calculations all the time and that does utilise a huge amount of electricity.

Chris S - So if you can’t afford to either meet that electricity bill, build a big enough computer, or run a big enough computer the simple answer is you basically steal someone else’s computer indirectly via planting something on their machine that does those calculations on their machine without them knowing and does the work for you and sends you the results. Is that basically what’s happening?

Chris F - Yeah, pretty much. The electricity costs are now at a point where there is a tradeoff between whether it’s actually worth mining some of these currencies. So now it is very much use someone else’s resources, steal their electricity and then get the coin for free.

Chris S - How are people doing this?

Chris F - There’s two main methods that people have started to adopt. They are getting you to open an email that opens up an application that cryptomines, and that sits in the background on your PC doing that. Most people don’t notice it other than the fact it will slow your PC down. There’s now a trend in the last six months to doing it in browser, and this is the bit that’s got slightly more troublesome because it’s so easy to exploit.  And that is where websites are installing something called “Javascript.” It’s a bit of software inside their webpage that runs in the background and it uses your spare CPU cycles to generate the coin for them.

Chris S - Oh god, that’s really sneaky! So by visiting a website you don’t even realise you’re actually trying to earn some money for the website owner and it’s basically your electricity bill that’s paying for that?

Chris F - Yep. Recent scans of the web found about 33,000 sites already, and that’s just well known sites that have started doing it in the background...

Chris S - Wow! When you say “well known” as in the kinds of sites that your average web user would visit?

Chris F - Yeah. They’re not necessarily going to be the high brand name ones, but a lot of the ones where you’re getting content for free. So free services are sometimes now subsidising themselves with some coin mining.

Chris S - And it doesn’t compromise the website performance?

Chris F - It does. And that’s where a lot of users are pushing back. There’s been some instances where it’s been the website owner that’s been publishing the Javascript, and that has had an impact. It can dramatically slow down not just your browsing experience for that, but if you’ve got any other tabs open as well, them as well. But what we’ve also seen is some people surreptitiously putting them into adverts. So the ones that pop up on your webpage, they will be doing the mining but it drags the performance of the main website down as well. And that can be unknown to the website owner because they’re not necessarily controlling their adverts.

Chris S - How would a person listening to this diagnose that they may have this problem?

Chris F - The biggest telltale sign is your PC will slow down. Unfortunately, that’s not unique to cryptojacking, that could be anything. But if you notice that everything’s started to run very slowly, either when you’ve got specific tabs open or where you've got an application open you can just go into “task manager” have a look at your CPU and it will show that it’s pegged at 100 per cent.

Chris S - Is it relatively easy to treat?

Chris F - Yes. That’s the good news is that a lot of the cases that are out there now are easily picked up by antivirus software. They will either block it automatically or tell you that the threats’ present; at the same time it stops these problems...

Comments

Add a comment