Instances of computers seized to extract cryptocurrencies, a practice known as cryptojacking, increased 8500 percent in the last quarter of 2017, according to a new report from Symantec. The attacks account for 24 percent of all online attacks blocked last December and 16 percent of online attacks blocked in the last three months of 2017, which correlates with the peaks of bitcoin and other cryptocurrencies of the year past.
The Symantec report tracks the rise in cryptojacking, and explains that its increase is partly due to easy-to-operate coin mining applications "with a low barrier entry [to] – which only requires a couple of lines of code to operate ", which many chose as a way to take advantage of the craze of cryptocurrency. In general, cryptojacking increased by 34,000 percent in 2017.
The report says that removing other people's CPUs is much easier than installing a virus on the target computers, and that even those that are completely patched can be vulnerable if they visit the wrong site or application. Last year, the Showtime website secretly extracted the user's CPU for Monero, which has a more mine-friendly hash algorithm than Bitcoin. More recently, Apple eliminated the Calendar 2 application in the Mac App Store that was undermining Monero for putting stress on users' computers.
The Symantec report notes that the costs of these crypto catches on unsuspecting victims: the devices slow down, while the batteries overheat and may experience a reduced lifespan. When focusing on cryptojackings on a larger scale, corporate networks face the possibility of being closed by currency extraction applications, says Symantec. But on a smaller scale, coin miners can avoid detection if the change in people's energy bills stays relatively small. "This allows cyber criminals to earn money without the victims realizing that they have something unwanted on their machine or on the website they visit," the report says.
"If you are stealing the energy and resources of others," then your actions are unpredictable and largely unsupervised, which makes it more difficult to detect if a computer is being used unlawfully, says Alex de Vries, the founder of Digiconomist, a site that tracks the energy consumption of bitcoin and ethereum mining, in a telephone interview with The Verge, "We have no idea how many machines are constantly being used to extract, after a few months, you will only notice that your energy bill is very high" .
"Attackers are moving to get more processing power to generate greater profits"
"Cybercriminals will continue to try to exploit more and more resources for mining," Symantec security response director Kevin Haley told The Verge. "While a large part of these threats are browser-based, kidnapping PCs, Macs and smartphones, the attackers are moving to get more processing power to generate greater profits."
It is likely that crypto will continue to be a problem while it is still profitable to extract the cryptocurrencies from the computers of others and that they are at risk of being trapped. If the prices of cryptocurrencies fall back to become practically useless again, as they were when Bitcoin was first created in 2009, the extraction of coins could naturally disappear as a way to make money.