MY TAKE: Knowing these 5 concepts will protect you from illicit cryptocurrency mining

By Byron V. Acohido

The cryptocurrency craze rages on, and one unintended consequence is the dramatic rise of illicit cryptocurrency mining.

It takes computing power to transform digital calculations into crypto cash, whether it be Bitcoin or one of the many other forms of digital currency.

Related podcast: How cryptomining malware is beginning to disrupt cloud services

So, quite naturally, malicious hackers are busying themselves inventing clever ways to leech computing power from unwitting victims — and directing these stolen computing cycles towards lining their pockets with freshly mined crypto cash.

Individual consumers have been the prime victims for more than a year. And now small- and medium-sized businesses (SMBs) are being increasingly targeted — especially companies rushing to tap into cloud services such as Amazon Web Services, Microsoft Azure and Google Cloud.

To help you unpack all of this, here are five fundamental concepts that will help you understand why you should reduce your exposure to illicit cryptocurrency mining.

Cryptocurrency basics. Bitcoin gets created by solving an increasingly difficult math problem; the difficulty factor has risen to the point where Bitcoin today can only be mined by special-purpose computers that consume massive amounts of electricity.

However, Monero, Ethereum, Bytecoin and other cryptocurrencies have come along that can still be mined by ordinary computing devices. So naturally, cryptocurrency mining services have cropped up. Coinhive is a notable example. Intended to give web site owners another way to monetize their sites, Coinhive works by embedding a mining function on web sites. However, since it degrades web site performance, it never really caught on until . . .

Cryptojacking arises. . . . someone got the bright idea to hack web sites and install infectious copies of Coinhive on them. This is done in a way so that JavaScript code gets silently installed in the browser of the computing device of anyone visiting the infected site. The JavaScript then commences to mine cryptocurrencies without asking permission. The Federal Trade Commission calls this cryptojacking, and you can now file a complaint with the FTC if you think you’ve run into it.


Cryptojacking, in fact, has scaled to epic proportions. Palo Alto Networks released a June 11 report pegging the value of crypto cash mined by cryptojackers at some $143 million. At least 500 million PCs have been discovered doing such mining, and AdGuard recently found over 200 sites launching crypto mining scripts.

The monetary reward that results isn’t stolen out of anyone’s pocket, per se. However, hacked web sites spewing this mining malware ultimately can get blacklisted. And consumers’ computing devices that get roped into crypto mining invariably heat up and slow way down.

Consumer relief. So what steps should consumers take? Avoid sketchy sites, such as porn, media piracy and Dark Web sites; such sites run a higher risk for spreading cryptojacking scripts. Similarly, be judicious about installing any new add-ons, plugins and phone apps, all of which could be corrupted with mining scripts.

Be cognizant of your computing device’s performance. If your CPU usage rises steeply for no good reason, a power-draining mining script might be to blame. You’ll have to take methodical steps to locate, shut down and uninstall the mining script.

After you get your device back to a clean state – or, better yet, before you get victimized – consider using an ad blocking service, like Adblock Plus, and/or a plug-in, like No Coin Chrome Extension; these types of services are effective at detecting and blocking known mining scripts.
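What "detecting known mining scripts" amounts to, as an added example (not code from Adblock Plus, No Coin or this article): every script on a page is checked against a blocklist of miner hosts and a signature for the miner's JavaScript API. The blocklist, the `miner.example` and `notminer.example` hosts and the sample page are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Illustrative blocklist: coinhive.com hosted the Coinhive service named in the
# article; miner.example is a constructed placeholder entry.
BLOCKED_HOSTS = {"coinhive.com", "miner.example"}
# Inline signature: a call into the Coinhive API object, e.g. CoinHive.Anonymous(
INLINE_SIGNATURE = re.compile(r"\bCoinHive\.\w+\s*\(")

# Constructed sample page: one benign script, one blocklisted external script,
# one inline miner call, and one lookalike host that must NOT match.
SAMPLE_PAGE = """<html><head>
<script src="/js/app.js"></script>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');</script>
</head><body><script src="//cdn.notminer.example/x.js"></script></body></html>"""

def host_is_blocked(host):
    """True if host is a blocked domain or a subdomain of one (not a lookalike)."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BLOCKED_HOSTS)

class MinerScriptFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        self._in_script = True
        src = dict(attrs).get("src")
        # urlparse also resolves the host of protocol-relative (//host/path) URLs
        if src and host_is_blocked(urlparse(src).hostname):
            self.findings.append(("external", src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Only text inside <script> counts; the same string in page prose is ignored
        match = INLINE_SIGNATURE.search(data) if self._in_script else None
        if match:
            self.findings.append(("inline", match.group(0)))

def scan_html(html):
    finder = MinerScriptFinder()
    finder.feed(html)
    finder.close()
    return finder.findings
```

A list like this only catches miners it already knows about, which is why the CPU-usage check above remains the backstop.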

Cloud targets. Attackers are also targeting businesses with a similar type of illicit cryptocurrency mining scheme, especially companies that are increasing their dependence on cloud services, such as Amazon Web Services, Microsoft Azure and Google Cloud. These attacks build off familiar phishing or website hacking techniques to gain access inside a company’s firewalls. The attackers then concentrate on locating cloud computing instances that aren’t well secured.

The endgame: install mining scripts directly onto these cloud endpoints, thus piggybacking onto a company’s cloud resources to mine Monero or Ethereum, and direct the proceeds into digital wallets they control. The company is none the wiser – at least until a cloud services billing statement arrives showing elevated AWS usage and fees.

SMB relief. The best thing companies can do is the obvious thing: practice cyber hygiene. This requires strict, constant attention to securing logons and encryption keys for all cloud resources. Unfortunately, the current business environment really does not support that approach.

It’s pretty clear that the vast majority of companies, large and small, at this moment are enamored by how cloud services can lower operating cost and improve speed of innovation. Most, I believe, lack a full appreciation for the need to impose security best practices onto cloud-based operations.

Realistically speaking, illicit cryptocurrency mining, whether by way of cryptojacking or via piggybacking off cloud servers, is just getting started. It’s up to each individual – and each company – to understand this, and to deal with it.

Don’t wait until your smartphone heats up and shuts down, or your company’s cloud services bill goes through the roof.

(Editor’s note: Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.)
