Cryptojacking in cyber security (part 2): Preventing Jackers from accessing your computer.
In February 2018, Tesla faced an incident where their cloud infrastructure was compromised by cryptojackers. According to TrendMicro, the hack exposed sensitive data, including telemetry, mapping and vehicle service data.
Tesla Cryptojacked
The jackers took over Tesla’s Amazon Web Services (AWS) cloud environment through an unsecured Kubernetes console. Kubernetes is an open source application that allows the management of cloud-based resources.
The hackers then deployed their cryptojacking operation, which was based on the Stratum bitcoin mining protocol.
The unfortunate infiltration of Tesla made the news and trended for months.
Read more about Tesla’s cryptojacking incident here.
Cryptojacker’s Goals
The major goal of a cryptojacker is to mine crypto currencies illegally, by taking advantage of the computing power and resources of hijacked devices without the victim’s knowledge and permission. There are, however, more goals and objectives that cryptojackers achieve in their operations.
- Cryptojackers aim to harness crypto currency gains and profits without investing in their own hardware or paying electricity costs.
- They gain unauthorized access to organizations' and individuals' systems to steal data or distribute malware.
- Cryptojackers may sometimes hijack systems in order to share them with other cyber criminals on the dark web for monetary purposes.
- Sometimes, cryptojackers may infiltrate organizations and systems for blackmail. They gain access to company data and assets, then hold the assets to ransom in exchange for financial gain.
- They cultivate a large botnet territory that can be used long-term to infiltrate organizations.
In the long run, the ultimate goal of a cryptojacker is to make money, and to do so illegally.
Preventing Cryptojackers
As discussed earlier here, your computer may be a bot, mining crypto currencies for jackers without your knowledge.
There are a number of ways to prevent cryptojackers from accessing your devices.
1. Safe browsing habits
- Be cautious with suspicious links and downloads. Refrain from downloading anything whatsoever from unknown and unverified sources.
- Malware is mostly embedded in these sites, and downloading anything from them automatically grants access to jackers.
2. Regular Updates
- Keep your operating system and software up to date
- Ensure that you have the latest security patches.
3. Antivirus software
- Make use of reputable antivirus software. The antivirus helps to detect and remove any malware that may be used for cryptojacking.
4. Performance monitoring
- Monitor CPU and memory usage.
- Watch your computer’s performance, as sudden spikes could indicate that jackers are using your device for crypto mining activity.
5. Network monitoring
- Implement network monitoring tools like SNMP to detect any unusual network traffic that may be related to cryptojacking.
6. Strong passwords
- Use strong and unique passwords to limit the impact of jackers.
- As much as jackers can easily hijack devices when victims unknowingly click links, they can also gain access to passwords of victims.
7. Ad-blockers
- Use ad-blockers to prevent malicious ads from popping up while browsing.
- Ads may contain cryptojacking scripts that can infect your device, so the best bet is to block them. Browsers like Brave and Arc block ads while you use them.
8. Education and awareness
- Educate yourself and employees (if you own a company) about cryptojacking risks
- Learn how to identify potential cryptojacking threats.
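For the network monitoring step above, one concrete signal is the Stratum protocol mentioned in the Tesla incident: a miner talks to its pool in newline-delimited JSON-RPC, using methods such as `mining.subscribe`. The Python below is an added example, not code from the original article; the flow tuples, addresses and port are constructed sample data, and it assumes you can see unencrypted TCP payloads (Stratum wrapped in TLS will not match).

```python
import json

# Stratum JSON-RPC methods that a miner (client) sends to a mining pool.
CLIENT_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}

def stratum_method(payload: bytes):
    """Return the first Stratum client method found in a TCP payload, else None."""
    for line in payload.split(b"\n"):      # Stratum is newline-delimited JSON
        line = line.strip()
        if not line.startswith(b"{"):      # skip binary data and blank lines
            continue
        try:
            msg = json.loads(line)
        except ValueError:                 # malformed JSON or undecodable bytes
            continue
        method = msg.get("method") if isinstance(msg, dict) else None
        if isinstance(method, str) and method in CLIENT_METHODS:
            return method
    return None

def find_miners(flows):
    """Map each source host to the (destination, port, method) hits it produced."""
    hits = {}
    for src, dst, port, payload in flows:
        method = stratum_method(payload)
        if method:
            hits.setdefault(src, []).append((dst, port, method))
    return hits

# Constructed sample flows (documentation-range addresses, hypothetical port).
SAMPLE_FLOWS = [
    ("10.0.0.5", "203.0.113.10", 3333,
     b'{"id":1,"method":"mining.subscribe","params":["miner/1.0"]}\n'),
    ("10.0.0.5", "203.0.113.10", 3333,
     b'{"id":2,"method":"mining.authorize","params":["worker1","x"]}\n'),
    ("10.0.0.7", "198.51.100.20", 443, b"\x16\x03\x01\x02\x00\x01\x00"),
    ("10.0.0.8", "198.51.100.30", 8080,
     b'{"id":9,"method":"user.login","params":[]}\n'),
]

if __name__ == "__main__":
    for host, events in find_miners(SAMPLE_FLOWS).items():
        for dst, port, method in events:
            print(f"ALERT {host} -> {dst}:{port} sent {method}")
```

A host flagged here is worth checking against the CPU and memory monitoring from step 4, since the two signals together are much stronger than either alone.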
A Little Recommendation
Recently, I came across a beginner course on Cisco that educates people on the basics of cyber security.
The course explicitly gives details and insights into common ways cyber security can be compromised, as well as preventive measures to avoid cyber compromise. You may want to check out the course here.