The Rise and Rise of Cryptojacking: What You Need to Know

The Rise and Rise of Cryptojacking: What You Need to Know

You’ve probably heard of cryptojacking by now, otherwise known as illicit cryptocurrency mining. But oftentimes, we think that cybercrime affects large companies or that hackers only target important or affluent people. But here’s the thing about cryptojacking: it doesn’t discriminate on social or economic grounds.

According to a study by Switchfast Technologies, small companies are actually a higher target for hackers. In contrast to common misconceptions, as long as they can make money, any company–or individual–is ripe for the taking. The absence of dedicated security personnel makes it easier for hackers to infect devices with malware, phishing, ransomware, or crypto mining botnets.

Here’s a scary fact for you: 60 percent of small firms that suffer an attack go out of business within six months. And here’s an even scarier one: one in three small business owners have no safeguard in place to prevent a cyber attack. So for those of you surfing the net without taking proper precautions, it’s about time you did.

The Unstoppable Rise of Cryptojacking

A few things you should know about cryptojacking:

  • In 2018, cryptojacking became the largest cyber threat, knocking Ransomware off the top spot.
  • Already, according to some sources, one-quarter of all companies have been victims of cryptojacking.
  • In Q4 of last year, cryptojacking incidents skyrocketed by 8,500 percent.

Those are some pretty eye-watering statistics. In fact, earlier this year, we reported that cryptojacking was becoming an epidemic. But despite a temporary downturn in illicit cryptocurrency mining from March to July of 2018, cryptojacking looks to be gathering momentum fast.

According to a report by Kaspersky Lab, Ransomware attacks are on the decline because they aren’t sustainable. Cryptojacking is becoming so popular because it can go on for long periods of time without the victims even knowing.

Moreover, cryptojacking can take place on multiple devices, not just on your laptop or desktop. Think servers, mobile phones, and even IoT devices.

Currently, mobile mining isn’t profitable enough for an individual to do. But deploying thousands of mining botnets to mine on multiple devices over a long period of time is. According to Kaspersky, countries that are particularly at risk when mobile mining takes off are India and China, as they own approximately one-third of all mobile phones in the world. Remember, cryptojacking is indiscriminate.

Taking a Little from a Lot

Unlike a money heist or a one-off, high payout Ransomware attack, cryptojacking takes a little CPU from a lot of people. You may even argue that it’s a low-priority cyber threat since the perpetrators aren’t after your money or data. However, they are making a lot of money–and it’s costing its victims their electricity.

So, think huge power bills, batteries that drain quickly, computers overheating, and a bunch of small business servers mining Monero rather than working at full capacity. In fact, Monero is the most illegally mined cryptocurrency with around 5 percent of all Monero mined illicitly.

Even more important is that the vector for the malware is the same. If your network is vulnerable to cryptojacking, something more serious could easily breach your system, potentially putting you out of business.

In most cases, cybercriminals develop cryptojacking software in such a way that it only uses a small amount of CPU, such as with The Smominru Miner. Over a period of roughly six months, the giant botnet cryptojacked multiple devices and mined over $3 million of Monero.

However, in other cases, criminals foolishly ramp the CPU up so high that they damage the devices or alert the network, such as with the Siacoin Internet Cafe hack.

How Do You Get Cryptojacked?

In-Browser Mining

There’s more than one way to become a victim of cryptojacking and it isn’t necessarily by unwittingly downloading a malicious code. Through in-browser cryptocurrency mining, your device could be mining cryptocurrency just by visiting an infected website. In March of this year, almost 50,000 websites were found to be infected with malicious mining code; among them the UK government’s official site!

The majority of these websites are infected without the site owner knowing. However, in some cases, website owners are using in-browser cryptojacking as an alternative revenue stream to advertising.

Tipeeestream, for example, a site that allows for tipping of live streaming content, allows users to activate in-browser cryptocurrency mining as a means of supporting the content creators if they wish.

The Pirate Bay, on the other hand, sparked controversy and disagreement from its users when they embedded mining botnets in their website to experiment over its profitability. Users noticed that their devices became overheated after leaving their browsers open for a while.

In the case of The Pirate Bay, cryptojacking only occurred when the adblocker was switched off. Using an adblocker or a plugin like NoCoin for your Chrome or Firefox browser can help to protect your device. Although, according to research by RWTH Aachen University in Germany, NoCoin isn’t really up to the task. In fact, as much as 82 percent of infected sites still go undetected.

Coinhive is by far the most popular vector for in-browser cryptocurrency mining, with some 75 percent of infected sites using it. And RWTH research revealed that Coinhive currently mines slightly more than 1 percent of all Monero blocks (approximately $250,000 per month).

Despite these stats, there’s relatively little to worry about with in-browser mining. Simply close your browser and the mining will stop. Downloading malware to your device is more problematic.

Downloading Mining Botnet Malware

If you download cryptocurrency mining malware to your device, you’ll need to remove it as soon as possible. Just like in-browser mining, using an adblocker, antivirus, or plug-in can help but are not always effective.

You can download cryptojacking software in many ways – clicking on a phishing email, a malicious advert, or using a free content management system (CMS) like WordPress.

Research from RiskIQ found that one of the largest vectors for mining malware is a CMS. There are over 13,000 WordPress plugins among Alexa’s most popular sites. Of those, around 3,400 flagged up critical vulnerabilities that could allow mining botnets in.

Video games can also be a problem, with popular digital game marketplace Steam pulling a game after it was accused of being a “cryptocurrency mining scam.”

Victim of Cryptojacking? Here’s What You Should Do

If you find your device running poorly, your fan kicking into overdrive, or your battery lasting way less time than usual, you may be under attack. And you should probably get your device checked out before your power bill confirms your suspicions.

If you are a victim, take heart, crypto mining malware is easy to remove. It’s also only after one thing: your CPU. So, you don’t have to worry about your data or confidential information.

Companies that find themselves cryptojacked, however, should look upon it as a serious wakeup call. And–if they’re like one-third of all small businesses with no cybersecurity plan in place–should quickly devise one before a more malicious actor comes in and puts them out of business.

5 Keys to Consider When Building Your Cryptocurrency Portfolio

5 Keys to Consider When Building Your Cryptocurrency Portfolio

Building a cryptocurrency portfolio is not something you do in 5 minutes. The rise of the cryptocurrency market and ICO’s, in general, has lured many investors into the idea of making big bucks as quickly as possible. And while there’s still plenty of opportunity out there, it pays (quite literally) to be as professional as you can.

It’s the wild wild west all over again, except this time, programmer cowboys are riding in on coded horses in search of digital gold. Arm yourself with some powerful tools so you too have a chance of striking it big.

Let’s dive in and take a look at 5 key points to consider when building a cryptocurrency portfolio.

#1: Bitcoin – The New Benchmark

In the following graphic, we measure the % gains of several major cryptocurrencies against the US Dollar since the beginning of 2018:

Beginner investors love measuring the performance of their favorite coin versus their local currency (like the US Dollar or Euro). This is a mistake, however. Consider instead to measure your performance versus Bitcoin or Ethereum.

In the example above Bitcoin outperformed Litecoin, Monero, and Dash but not Ethereum. 2018 Has so far turned out to be a bear market and having more Ethereum in your portfolio would have minimized your losses. 28% Compared to Bitcoin’s 57%.

Why Benchmark?

The granddaddy of crypto didn’t achieve that title without good reason. Bitcoin’s enormous bull market since 2011 is the result of an economic value system which has been built with the properties of sound money in mind.

It’s no surprise then that many in the crypto community refer to Bitcoin as digital gold. Just as the physical kind is used as a store of value in troubled times so does capital flow into Bitcoin when investors become nervous:

  • No hack of the Bitcoin blockchain has ever been recorded
  • Bitcoin is widely available & well supported on exchanges around the world
  • It is the most liquid cryptocurrency available (easy to find a buyer/seller in the market)

Many smaller coins underperform Bitcoin and are difficult to trade. Ask yourself, is it worth the risk to buy a lesser known coin? In many cases, just HODL’ing bitcoin and doing nothing for a few years will work out better in the long run.

#2: Understand Your Risk Profile

Risk is just as much a part of life as it is in the markets. No pain, no gain, as they say. Investing in this market means dealing with huge swings in price (volatility). And many do not have the stomach for it.

It is essential to ask yourself several questions related to cryptocurrency risk. It’s also a good idea to write down the answers. Some questions to consider:

  • How much capital do you have to invest?
  • Are you comfortable losing some or all of your capital?
  • What are your investment goals?
  • How close are you to retirement?

A good method to measure your risk tolerance is to see how well you sleep at night while invested in the cryptocurrency market. If you find yourself obsessing over price and getting up in the middle of the night to check, chances are, you have too much capital invested. Never ever invest money you cannot afford to lose!

You may want to consider hiring a financial advisor to do the work for you. But keep in mind that accredited financial advisors are almost unheard of in this emerging industry.

#3: Do Your Own Research (DYOR)

Perhaps the worst thing you can do in this market is to invest impulsively or based on a random tip you heard via friends, family, a Telegram channel or Reddit group. This is your money after all.

We live in the age of the internet, and information has never been so widely available as it is today. This is both a good and a bad thing. There’s a bunch of info out there. It’s relatively easy to find, but relatively hard to interpret. It’s your job, as an intelligent investor, to do your own due diligence.

Every project is trying to market themselves in the best light possible. No project is perfect and many are just downright scams. Check in with the experts. There are some excellent sources on twitter providing valuable information on a daily basis.

#4: Take Full Responsibility for Your       Decisions

Now that you’ve done the hard work, it’s time to actually add coins into your cryptocurrency portfolio and face the consequences. That’s right, you are completely responsible for all your investment decisions, both good and bad. Own it. It will make you a better investor.

Don’t be fooled by tweets, videos or posts by investors who claim they never lose. Even the best investors in the world make terrible decisions. It’s part of the game. When you accept your mistakes you also open the door to becoming a better cryptocurrency investor.

In no way, shape or form should any of this post be considered investment advice. If you’ve heard that before it’s because influencers all over the web fear providing content which could be considered as financial advice. Why? Because many investors who lose money often want to shift the blame to someone else. Don’t be that guy/girl.

The recent Bitconnect scandal, which saw a number of influencers served with lawsuits, is a good example. So I say it again, you are completely responsible for your own financial well-being.

#5: Be Patient

When people see double-digit returns in a major bull market it’s easy to catch a case of the fomo (fear of missing out). Be patient, play the long game. The market was here yesterday and it will be here tomorrow.

Unless you are a talented and active day trader, a longer-term HODL’ing strategy might be a better option for you. When you take the longer view, with practice and patience, it’s easier to stomach double-digit losses because you see the bigger picture. Bitcoin has already painted that picture since 2011.

Remember, there are no guarantees with this. Consider also the opposite side of the argument. Use patience as one tool in your larger toolkit. Being patient with a coin which goes to zero does not pay off. Either way, patience is a virtue worth building as you become a better investor.

Cryptocurrency Portfolio Summary

Cryptocurrency investment is not for everyone. Some will become stinking rich from it, and some will lose all their money. With some disciplined work, the chance of you becoming the former and not the latter increases dramatically.

To summarize, keep these 5 keys in mind when building your cryptocurrency portfolio and good luck out there in the markets!

  1. Bitcoin – The New Benchmark
  2. Understand Your Risk Profile
  3. Do Your Own Research (DYOR)
  4. Take Full Responsibility for Your Decisions
  5. Be Patient
Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!