Cryptojacking: a new attack technique

Analysts from Fortinet FortiGuard Labs have recently discovered more and more cryptojacking incidents - a new attack technique. Everything started in September, when the first reports about the excavator of Monero cryptocurrencies appeared . The script was written in JavaScript and you can easily embed it on any page. When a computer user visits such an infected site, the computing power of his device is taken over for the purpose of digging the cryptocurrency. The more time a user spends on this type of site, the more CPU cycles can be used for cybercriminals' needs. This explains why cryptojacking sites are usually selected where users stay for hours watching illegal series or movies. The proceeding can be very profitable - criminals attacking popular services, such as The Pirate Bay, can earn up to 12 thousand dollars a month.

These malicious scripts are used to stealthily excavate the Monero cryptocurrency using the processor of the infected computer. By installing the appropriate script in the browser with a unique website code, the cybercriminal enriches himself in Monero every time an unconscious attack turns on the computer and visits websites - explains Robert Dąbrowski, head of the Fortinet engineering team.

So if you hear the fans of your computer running at full speed for no apparent reason, you should check the CPU usage. When you see a list of all processes running on your computer and setting the filter for real-time CPU usage, you should usually close your web browser. This will terminate the connection to the infected site. After doing this, you can open the browser again and easily visit other websites.

The next step recommended by Fortinet specialists should be to secure the computer with reputable protection software against another cryptojacking attack. It is also worth using the guide prepared by AVLab , where experts provide valuable tips on protection against cryptocurrency diggers in the browser. Of course, you can also opt out of visiting sites with pirated content.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.