Your computer could be secretly mining cryptocurrency, piggybacking on your computer’s processing power to generate new coins and make transactions without your knowledge. The worse, you don’t even get even a share of what was generated using the resources of your computer.
One of the reasons for the increase in Cryptojacking incidence is the easiness in implementing the procedure. Cryptojacking tools are now available in Darkweb for as little as $30.
How Cryptojacking is done in a computer
The main sources used for Cryptojacking are crypto mining scripts and poisoned websites with malicious code.
Cryptomining scripts are introduced into a computer similar to how malware and ransomware are introduced to unsuspecting users. The hackers mainly use methods like phishing to get users to run the script. They send legitimate-looking emails to users with a link to malicious code. The unsuspecting user clicks the link which automatically downloads the script and runs the script in the background.
The other method is using malicious websites. The hacker injects malicious code into a website or ad which is then delivered to multiple websites. The script is activated as soon as the website is opened. The script will continue to run until the malicious webpage or pop up is closed completely.
How to check for Cryptojacking in your computer
Mining for currency takes a lot of computation from CPU. So, when a Cryptojacking process is going on inside, the computer will be slower than normal as the CPU is busy. Please note: Not all slowing down happens because of cryptocurrency mining. There are multiple reasons for slow performance. Unauthorized mining might be one of those reasons.
- Open Task Manager in Windows, Activity Monitor in Mac
- Check for CPU activity fluctuations while visiting any particular sites. If the malicious code starts to work after opening a site, the CPU will show increased activity. The same goes for Mac.
- Go through the list of running services and scripts. Check if there is anything which is suspicious. If the suspicious process is listed, find the software responsible for installing the service and remove. Also, try to find the location of the service and remove it from the source.