By Sam van Heerden, Masters in Philosophy student
While it is well known that surfing the internet can leave you vulnerable to theft, web-based ‘crypto-jackers’ are not after your money or files: they are looking to use your computer’s power to mine cryptocurrency. The research of Computer Science Masters graduate, Rob Len, explored just how prevalent web-based crypto-jacking is.
In a world where technology is rapidly changing, hackers are keeping up with current trends. Since crypto-currencies took off with the rise of Bitcoin years ago, ‘mining’ for these digital currencies has become a legitimate way of earning extra money. In very simple terms, one’s computer performs specific tasks in exchange for some crypto-currency, which is worth money.
In his research, Len analysed the source code of about 500 million websites to search for crypto-jacking scripts. To control your computer’s resources from across the world, crypto-jackers embed websites with these scripts, so that as soon as you land on one of these websites, your computer becomes a cog in their crypto-mining machine.
“It is not ransomware. You are not given an awful screen with a skull saying, ‘Hey give us money if you want your files back’,” explained Len, who is currently a cybersecurity professional working at Mobius Binary Consulting in Cape Town. When it comes to crypto-jacking, you often do not even know it is happening. “All you need to do is visit the webpage that has this code running, and while there, your browser will quietly mine in the background using a crypto-mining JavaScript,” said Len.
Luckily, this crypto-jacking is short-lived. “You close your browser window and it's done,” explained Len. This is different to computer-based crypto-jacking, which secretly installs crypto-currency mining software on your computer, which affects its processing power. Web-based crypto-jacking is more stealthy and less invasive.
But because web-based crypto-jackers do not install anything on your computer, they need to ensure that you stay on the infected website as long as possible. Len’s research found that browser crypto-jacking is more common on the shadier side of the web: adult entertainment sites, illegal streaming services, pirating websites, and others where users are likely to spend more time. “The longer you stay on a website, the more profitable it is for the crypto-jackers,” explained Len, “If you visit for two seconds then they're not going to make any money off of you, but if you're watching an hour-long movie it's better business.”
Len’s research showed that most web-based crypto-jacking is hosted in the United States. Europe, including Sweden and the United Kingdom, and Iran, were also dominant hosts. Although not in the top ten, South Africa was also home to some crypto-jacking websites.
Although no one wants their computer’s resources to be exploited without consent, crypto-jacking might point to a new source of website revenue. Len explained that some websites do in fact ask for permission to use your computer’s resources, so crypto-mining revenue can be seen as an alternative to pop-ups and advertisements.
But for now, web-based crypto-jacking can still point to an existing vulnerability in your computer system. Despite the low level of threat, it might be disturbing to think that your computer can be used by someone else without your permission.
Luckily, there are ways to defend against crypto-jacking. You can get browser plug-ins that scan the source code of whatever website you are on, and will notify you if any crypto-jacking scripts are found. As hackers alter their methods to suit changes in technology, our security methods need to stay up to date too.