Composed of two abbreviated English terms: The component “crypto” is derived from the term “cryptocurrencies” (in German: cryptocurrencies). It refers to virtual currencies such as Bitcoin. The word “jacking” comes from the term “hijacking”, to kidnap, to hijack German. Cryptojacking is the process in which a cybercriminal hijacks resources from your computer or company network in order to generate cryptocurrencies.
What does cryptojacking mean in detail?
Cryptocurrencies are virtual currencies that are not replaced by any real equivalent value. e.g. gold reserves are hedged. Cryptocurrencies are based on an economic principle: they can be earned (“mined”) by making computer resources available. These computing resources are used, among other things, for the complex encryption and storage operations of the cryptocurrency.
In this mining of cryptocurrencies, the principle of supply and demand applies:
The greater the supply of computing resources, the lower their equivalent in the cryptocurrency becomes.
The lower the equivalent value of computer resources, the more resources are offered by those who wanted to earn cryptocurrencies. As a result, the computing power used for cryptocurrencies grew 660-fold within a year.
In the meantime, it is hardly possible to mine cryptocurrencies economically by legal means – even the electricity costs spent exceed the equivalent value.
Cryptojacking arose against this background. Cybercriminals secretly use foreign computers to mine cryptocurrency. The resulting electricity, operating and device costs are borne by the unsuspecting computer owner. The mined cryptocurrency is obtained by the cybercriminal.
In cryptojacking, computers are infected with malware and then misused to mine cryptocurrency.
The cybercriminals’ goal is to ensure that their cryptojacking remains undetected so that they can use the infected computers for as long as possible. The more computers mine cryptocurrencies undetected by a cybercriminal, the higher his revenue.
Where do I come across this problem in my day-to-day work?
At most, you encounter it covertly. For example, in the form of an e-mail that contains a link. After clicking on this link, cryptojacking malware downloads itself onto your computer. However, you do not notice other cryptojacking attacks in your everyday work. For example, if this is done via your web browser or servers.
If your computer or system has been compromised by cryptojacking, you probably don’t suspect anything. This is because the typical signs also occur in uninfected computers:
High processor load
a computer that works slowly and reacts slowly due to this load
computer ventilation running at full speed
Your smartphone can also be misused for cryptojacking. Signs include strong heating and rapid battery discharge.
What can I do to improve my security?
Most measures to reduce your cyber risk also protect against cryptojacking. Particularly important aspects include:
Raising awareness among employees (dealing with emails, pointing out possible signs of cryptojacking)
Securing Internet browsers
Considered assignment of admin rights
Securing and monitoring the servers
Observation and documentation of the everyday, usual computer load in order to be able to detect deviations if necessary
