Cryptojacking Malware — What it is and how to remove it

Cryptojacking, the new fancy buzzword, means hijacking websites and users' browsers to mine cryptocurrency. There's nothing wrong with mining cryptocurrencies (unless it's illegal in your country). The problem is with the jacking: in order to mine cryptocurrencies, the bad guys hijack a website or a user's browser or machine to get the job done. But what is cryptocurrency mining anyway?

What is cryptocurrency mining?

Cryptocurrency mining is the process of earning money for discovering new coins in the cryptocurrency. The way it works is that you have to solve a puzzle, and if you do, you get paid. That's not an easy puzzle, though. For example, to mine bitcoins today you need to find data whose SHA-256 hash has eight leading zeroes. Game for it? Bitcoin's algorithm is such that there can only ever be 24 million bitcoins. New bitcoins are created upon successful problem solving. However, due to the nature of the problem, this work requires a computer's processing power, which in turn requires electricity. So, strictly speaking, bitcoins can't just be printed like paper bills. This adds monetary value to each new bitcoin; after all, you've spent time and energy to discover the new coin.

China has bitcoin mining farms: farms of cheap, throwaway, refurbished CPUs that are used to mine bitcoins. However, as time passes, the difficulty in the algorithm keeps increasing and it gets more and more difficult to discover new coins. So after a certain limit these farms are sure to go out of business, since it's not feasible to keep investing so much electricity and effort into the work.

What’s cryptojacking?

So if cryptocurrency mining is not financially feasible, why not mine the currency on others’ computers for free? Would you want to let others use your processor, run it on full power and cause your machine to run hot and hang other apps? Not unless someone asks for your permission and you approve. That’s where the hijacking part comes in.

From the attacker's point of view, isn't it better to hijack a site so that it spreads the malware to anyone who visits and uses the visitors' systems to do the mining? This means hacking into the website to be able to insert the malware.

Also, in the last 5 years or so the internet has seen a major wipe-out of online ads due to ad-blocking plugins and browsers. Cryptomining is one alternative that seems feasible, so some websites actually throw a popup in the user's face asking for permission to use the user's system for cryptomining.

It's not only websites: even some smartphone ads and apps have this cryptomining malware built in or downloaded onto the system or phone.

Malware Removal

Malware is typically difficult to identify with the naked eye. Most malware is smart enough to tell whether it's actually a human being visiting the site or a bot. The other problem with cryptojacking malware (as far as websites are concerned) is that this type of malware is purely JavaScript-based. So even a smart malware scanner may only be able to detect it by matching against a fixed list of signatures of known cryptomining libraries.
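A minimal sketch of the signature-matching approach described above, added here as an example and not taken from any particular scanner. The signature list is an assumption (a few publicly documented in-browser miner library names, not exhaustive), and both sample pages are constructed.

```python
import re
from html.parser import HTMLParser

# Assumed signature list (illustrative, not exhaustive): names of publicly
# documented in-browser miner libraries.
SIGNATURES = {
    "coinhive": re.compile(r"coinhive(\.min)?\.js|CoinHive\.(Anonymous|User)", re.I),
    "crypto-loot": re.compile(r"crypto-?loot", re.I),
    "cryptonight-wasm": re.compile(r"cryptonight", re.I),
}

class ScriptCollector(HTMLParser):
    """Collects external script URLs and inline script bodies from a page."""
    def __init__(self):
        super().__init__()
        self.items = []            # list of (kind, text); kind is "src" or "inline"
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            src = dict(attrs).get("src")
            if src:
                self.items.append(("src", src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and data.strip():
            self.items.append(("inline", data))

def scan_html(html):
    """Return sorted (signature_name, kind) pairs matched in the page's scripts."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    return sorted({(name, kind) for kind, text in collector.items
                   for name, pattern in SIGNATURES.items() if pattern.search(text)})

# Constructed sample pages (not taken from any real site).
INFECTED = """<html><head>
<script src="https://cdn.example.invalid/lib/coinhive.min.js"></script>
<script>var m = new CoinHive.Anonymous("SITE_KEY_PLACEHOLDER"); m.start();</script>
</head><body>Blog post</body></html>"""
CLEAN = """<html><head><script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script>console.log("hello");</script></head><body>Blog post</body></html>"""
```

A script that is not on the list produces no finding, which is the limit of fixed-signature scanning the paragraph points out; treat a clean result as "nothing known found", not as proof the site is uninfected.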

WordPress has the majority share of the CMS used on websites and is the CMS most targeted by the bad guys. Use a WordPress malware scanner to scan and identify whether your WordPress site is hacked. Ideally you should use a malware scanner only to scan for and identify malware. Using scanners to automatically fix your site could result in a crippled or broken site prone to data leaks, data loss or total hijacking. The right thing to do in case of a malware infection is to approach a WordPress malware removal service. A professional infection cleanup service will not only hunt down the malware but will also identify any security holes and find out how the malware got onto the server in the first place. This part is critical to prevent further infection and server abuse.

Summary

Cryptojacking is on the rise: the attacks exploded by 8,500% in 2017, so imagine the scene in 2018. Don't take website security for granted, especially when the bad guys are motivated by monetary greed.
