A version of this article was first published on HIPAA Vault’s
Cryptocurrency underwent somewhat of a boom in 2017. Everyone wanted in on what seemed like easy money. Buzzwords, specifically, “blockchain,” started flying around and as quickly as the boom happened, it seemed to die back down. This overwhelming influx of public interest, while beneficial in introducing the general public to something innovative, brought in more sinister players. It seems like every week there’s another headline about crypto and they’re typically not very positive ones. One of the major side effects of this torrent of new players in the cryptocurrency game has been cryptojacking – using your computer without your permission to mine cryptocurrency.
So, how does this all happen?
Let’s start by explaining in very general terms what cryptocoin mining is. Cryptocurrency is controlled by a central “bank” – in very basic terms, your computer solves a complex algorithm that is used to verify transactions. In exchange, you’re given a small amount of cryptocurrency as payment. Details vary between different types of cryptocurrency you’re using, but the core concept remains the same. The complexity of the algorithm being solved for is intentionally resource intensive, as this guarantees the value of said currency.
Now the act of mining itself isn’t illegal at all – if companies want to use their funds to purchase computers to mine for cryptocoin, that’s perfectly within their rights to do so. Cryptojacking, however, crosses that line. In essence, a website will run a program in the background, unbeknownst to the victim, in order to use the computing power of your personal computer to mine for crypto. So you are unknowingly mining money for someone else.
And while you might think this is something relegated to some shady NSFW or torrenting site based in Eastern Europe, victims of cryptojacking include some very familiar names like Showtime and Politifact and even more recently – YouTube. Earlier this year, it came out that some YouTube sidebar advertisements contained JavaScript which mined the cryptocoin Monero while users watched videos. Even the monolithic Starbucks found itself on the wrong side of headlines as customers on their free WIFI noticed their device connections being delayed in order to mine crypto.
So how do you stop these bad actors from accessing your system? There are currently several extensions for most major browsers which prevent miners from utilizing your computer system without your permission. NoCoin and minerBlock on Google Chrome and NoScript on Mozilla FireFox are some more popular options. Additionally, blocking the URL https://coin-hive.com/lib/coinhive.min.js using something like AdBlock can prevent would be miners from using your computer.
Unfortunately, however, it seems that we’re only currently discovering a handful out of the full scope of the phenomenon known as cryptojacking. We’ve seen our first of potentially many future spikes in cryptocurrency and with it the growing importance of protecting your resources.