Fortinet, a cybersecurity solutions company, issued an advisory to computer users to check their devices if they sense that they are acutely slowing down. They could unwittingly be donating computing power to cybercriminals carrying out browser cryptojacking.

fortinet

Fortinet’s FortiGuard Labs researchers have been discovering more and more of such incidents, which are essentially a new trick used to stealthily mine Monero Cryptocurrency using CPU resources. By loading a script into the web browser that contains a unique site key, a cybercriminal could mine Monero Cryptocurrency − without user’s knowledge − every time they turn on their computer and visit certain websites.

Browser cryptojacking started last September when a new technology to mine Monero cryptocurrency within web browsers surfaced. The script was written in JavaScript and is easily embeddable into any web page. Once a computer user visits such compromised pages, their computing power is hijacked for the currency mining process. The more time users spend on the web pages, the more CPU cycles can be consumed. This explains why hackers typically pick illicit video streaming web sites, where people stay for hours watching movies or TV serials, to plant such scripts.

Back-of-the-envelope calculations by security researchers show that cryptojacking can be lucrative − hackers targeting popular illicit sites like The Pirate Bay can earn up to US$12,000 per month.

Fortinet said “So if you hear your computer’s fans running at full speed without any apparent reason, the smart thing to do is check your CPU usage. Go to “Task Manager” on Microsoft Windows ([Ctrl]+[Shift]+[Esc]), “Activity Monitor” on Mac, and “Top” on the Linux command line.”

“The above commands will list all the processes running on your computer, allowing you to find the culprit (usually the web browser, e.g. Google Chrome) by filtering real-time CPU consumption. Once identified, you can kill the culprit by right clicking on it and selecting “end task”, “kill” or “terminate”. This ends your current connection to the compromised website. After that, you can open your browser again and go to other sites without problems.”

The next step is to prevent the computer from being cryptojacked again. Install an anti-adware web browser extension, as well as web filtering and antivirus tools on the computer, and keep these updated. Users should also refrain from visiting illicit sites, Fortinet added.

“When using computing devices, it pays to always be situationally aware and look out for anomalous things, be it your fan speeding up or an email offering something too good to be true,” said David Maciejak, Director of Security Research, Fortinet. “Cyberspace is a perilous place full of schemers trying to take advantage of the gullible. Deploying the right security tools to protect yourself will help, but being cautious and thinking twice before taking any action will also go a long way in preserving your money, confidential data and computing experience.”

Leave a Reply