Crypto Academy Week 5 Homework Post for [@gbenga] | All About Blockchain Security Power Up 100%

As you may have noticed, the value of cryptocurrency has exploded. With this digital currency explosion, it is obviously cybercrime that has taken off in its turn. In this article, I will explain the basics of crypto-jacking and above all, the best practices to have in order to avoid incurring the costs. All these questions I will try to answer them as part of the fifth week homework proposed by the professor @gbenga. Good reading!

What is crypto-jacking?

Source

This is software that will break into your computer and secretly mine cryptocurrency. The problem is, this type of virus is virtually undetectable, it takes hold of your machine and hardly any system scan will be able to detect it. Usually, you will suspect a problem because your computer will start to operate very slowly.

In fact, when you mine cryptocurrency, your computer's computing power is used up, which is why it will run slowly.

Cryptocurrency mining directly uses your computer's processor, graphics card, and RAM, all at the same time. This will greatly reduce the performance of the machine. When a computer mines cryptocurrency, it uses computing power considerably, which power is normally useful for many other tasks. Put simply, these little hacker tricksters use the power of your computer and the electricity you pay to pocket profits. Nice little tip to know, a machine that mines cryptocurrency uses up to 5 times more energy than the average.

Understand where the threat may come from.

It's hard to protect yourself when you don't know where the blow came from. A quick and easy way for hackers to access your systems is through the internet. I know it may sound silly said like that, but we tend to forget that the majority of attacks come from the net. A common trend, everyone likes to surf the internet, whether for leisure, work, to find information etc. The hackers got it right.

A fairly common method of crypto-jacking is through browsers. In general, hackers use JavaScript codes present on the internet in order to hack you.

We will start from the beginning, Javascript is a programming language that is used in the majority of internet browsers and web pages. It is partly thanks to this language that we have animations, good data management, dynamic pages ... The majority of our devices that have a browser use JavaScript. Laptops, desktops, phones, tablets etc. The hacker is in fact using compromised websites (where they managed to introduce their little program) in order to undermine your computer without your knowledge. There are a large number of sites that have already been affected by this type of virus and most of the time the owner does not realize it until a few months later! Don't worry, this technique is fleeting (despite its effectiveness), once your browser or website tab is closed, you will be rid of the malware. This type of "hack" only works via the Internet, once everything is closed, you are fine.

How can this kind of program run without your permission?

Well, this is the "magic" of the internet, we don't have control over everything. When a user surfs on a site that has been infected, no permission is requested. The program starts automatically. It's a bit like cookies, there are some sites where you are asked for permission, and others where you are not asked for anything. This is what it is done automatically most of the time! We are not asking for your opinion. When you are on your browser, the program goes through this "gateway" to gain entry.

Another fairly common attack in the crypto-jacking world is the native code attack. It is much like "classic" viruses, it involves infecting your system with malware (virus). This malware will then attempt to affect the rest of the network (starting from your computer), in order to control as many machines as possible.

Some tips to protect yourself:

First of all, you have to know that there is no quick fix. There are several factors to take into account in order to be able to protect yourself.

1. Pay attention to the files you download and open. The easiest way to get infected with malware is to download it inadvertently or without knowing it. Email, for example, is one of the most trusted tools for cybercriminals. The goal is simple, invite you to visit a malicious website, open an attachment, disclose information ...

2. Check regularly that your devices are not vulnerable (security breach, proper use of the device, antivirus and up-to-date applications, etc.).

3. Exclude mobile applications that may have a fraudulent appearance. If you don't know an app, start by checking out what people think about it on the forums.

4. Inform your team. Make them aware of classic malware attacks, such as ransomware, phising etc. Prevention is better than cure. Precautions must be taken to avoid difficulties as much as possible.

5. Have strong passwords, firewalls, antivirus ...

While all of these tips should help you avoid getting infected with this type of malware, still be vigilant. If you experience any warning symptoms of cryptojacking (slow network, extremely hot computer, steep electricity bill, spike in CPU consumption), be ready to step in and disconnect the network to prevent the rest of the machines from being corrupted.

My personal experience:

Personally, I avoid being a victim of cryptojacking, for that I update my web browser usualy, as I use the NoMiner chrome extension (available for Firefox too). On Opera, since version 50, an integrated tool helps Internet users by blocking scripts that require the processor to generate virtual currency.