Bitcoin has finally become a household name. The value of the cryptocurrency has leapt thousands of dollars over the last few weeks. The last week of November saw the value of one Bitcoin surpass $10,000 USD. At the beginning of the year one was worth about $1,000. Although the figure has fallen again once more, it hardly comes as a surprise to learn some less than legitimate folk are seeking out ways to profit from the boom.

Bitcoins are mined using computer software and a mathematical formula designed by Satoshi Nakamoto, the founder of Bitcoin. Nakamoto is anonymous. But the mining process works by using your computer’s processing power to solve certain data processes. The higher the number of processes your machine can solve, the more bitcoin you earn. Bitcoin gain their value as they’re exchanged for goods and services, like any other currency.

But, it takes a lot of computing power to mine digital currency. The electricity bill for just one of China’s bitcoin mining enterprises amounts to $39,000 a day. So how are hackers doing it?

Thanks to what started out as a clever twist designed to monetize web content and deal with the problem of unpopular advertising, the cryptojacking gold rush has arrived. Instead of bothering visitors with ads, borrow a limited amount of their CPU power to mine a cryptocurrency while they visit your web site. It ends up boosting each visitor’s electric bill, but only by a tiny amount.

It sounded like an innovative way to help tackle the prevalence of adblocking apps and services. But the software CoinHive has been repurposed by cybercriminals, and is now popping up on sites all over the internet, and turning up on the PC’s of users who access them. In many cases the software has been installed without the knowledge or permission of the website owners. The digital currency that is mined by CoinHive then ends up in the digital wallets of hackers. Individuals and businesses have no way of tracing their last cryptocurrency, essentially having to wear the costs themselves.

Just this year hosting provider Cloudflare shut down thousands of websites which had been infected by Coinhive botnets, removing all relevant domains infected by the miner, which was found hiding in the website’s code. This shows just how vital some form of website virus removal software or subscription service is to protect against these attacks.

Cybercriminals hijack extensions and add-ons for web browsing programs, which then inserts the malicious code. On a computer, the mining malware will run processors at close to 100% to mine as much cryptocurrency as possible. When the code is installed on a smartphone, the result is sluggish performance and rapid battery depletion as the miner exploits as much of the phone’s free processing power as possible.

According to Symantec, who monitor for mining tools on the computers of customers who use their software. They saw 33,000 new detections in November alone, and the increase means that malware and cryptojacking are shaping up to be major concerns for cybersecurity in 2018.

This article was written by the NUS community. If you would like to contribute your article, please get in touch.