Crypto jacking: what is it, and what does it mean to your firm?

By George Ralph

Cryptojacking seemed to be a thing of the past. The shutdown of Coinhive, which was the leading site which dealt with crypto miners back in 2019, seemed to signal a real reduction in reports of attacks. Coinhive provided JavaScript code that websites could incorporate to make visitors’ computers mine Monero. Coinhive’s code was quickly abused: a mining script could also be injected into a website by hackers without the site owner’s knowledge.

Cryptojacking, a process where your device is taken over by a hacker to install software to allow crypto mining to take place, is usually achieved by getting a user to click on a link in an email. A standard phishing exercise in fact. Phishing is best tackled with a mixture of defence strategies. A strong cybersecurity policy is vital, but alongside this staff training comes a close second. Make sure your teams know what to look out for when suspect emails arrive.

There are reports that crypto jacking is on the increase again. According to a report by security firm Kaspersky, cryptojacking cases went up in the first quarter of 2021. The number is estimated at double that during the same period in 2020. The rise of popularity in cyber crime seems to have revived this almost forgotten scam. The interesting thing is that the number of unique modifications to miners also increased by over four times. Unique modifications are changes to a miner’s code in order to mine a new kind of currency or adapt to new systems. Researchers at Kaspersky discovered over 23,000 new modifications to miners in the first quarter of 2021.

Code security should be high on developer’s agendas. We are seeing far greater use of open source software, where the source code of a platform or application can be seen and modified for specific features or processes. If this code is hacked, which can go unnoticed, the hacker has access not only to resources for mining but should they choose, also access to your data. Cryptojacking is only found in most cases if it is being specifically looked for. RFA, over the course of a year of development and testing, has launched Application Lifecycle Management as an addition to its Data Management suite of services. Providing Code Security by applying a new principle of DevSecOps, RFA has integrated an additional step into its continuous integration and deployment practice that performs a static code analysis against security vulnerabilities during the build process. This enables development teams to be agile and deploy multiple times a day, without comprising security. Most coding practices require scheduled reviews and third-party auditors that do not provide real time monitoring. Application Lifecycle Management is part of a wider cyber security service provided at RFA to support attack prevention as well as protection, using machine learning and AI based solutions to support your firms data and information security.