Computer users now have one more thing to worry about: cybercriminals secretly taping into your CPU or GPU to mine cryptocurrencies. Due to an ability to access your computer via a web browser, “cryptojacking” is on the rise, cautioned a British government agency.
“The technique of delivering cryptocurrency miners through malware has been used for several years, but it is likely in 2018-19 that one of the main threats will be a newer technique of mining cryptocurrency which exploits visitors to a website,” the UK’s National Cyber Security Centre[1]
https://www.ncsc.gov.uk/
(NCSC) wrote in its annual report on April 10, 2018.Some History
While other types of malware have to find a way to trick you into downloading software, in-browser cryptojacking malware doesn’t require you to install a program. Instead, hackers infect a website or an online ad with JavaScript code that auto-executes once it loads in your browser. The cryptomining code then does its job in the background while you continue using your computer as normal. A lag in performance may be the only clue that a computer has been compromised.
Cryptojacking took off in September 2017 when Coinhive published a JavaScript miner that could start mining the ASIC-resistant cryptocurrency Monero (XMR) after a webpage loaded. “Your users run the miner directly in their browser and mine XMR for you in turn for an ad-free experience, in-game currency or whatever incentives you can come up with,” Coinhive says on its website. [3][4]
Shortly after, popular torrent download site Pirate Bay incorporated Coinhive as part of a new monetization scheme that would replace the advertisements that normally keep the site afloat. “We really want to get rid of all the ads. But we also need enough money to keep