27 Sep 2018
Cryptojacking: The Newest Trend in Computer Crime
The newest trend among hackers and other denizens of the dark underworld of the internet is something called cryptojacking, which is the practice of using your computer and your electricity to produce bitcoins for someone else by hacking into your computer and using its computing power to break the bitcoin security algorithms. Cryptojacking was first mentioned in 2017, and an increasing number of articles have appeared recently but, so far, at least, the story has escaped the attention of the mainstream media, perhaps because it is too complicated for a 90-second newsbite. An article about cryptojacking by Tyler Elliot Bettilyon did appear recently on Medium, but I first became aware of the story from a newsletter by Malwarebytes, an antivirus software provider.
My History with “Cryptojacking”
“Cyberjacking” isn’t a new thing. The concept has been around for decades, long before bitcoin was even a thing. A long, long time ago, I worked for a company that was trying to perfect a system that would allow them to string together a large number of networked personal computers and use them to handle massive computing jobs that could otherwise only be done on mainframe computers that, back then, cost literally millions of dollars. (We’re talking about the dark ages of the late 1980s here, when the average PC measured RAM in megabytes rather than gigabytes.)
In 1989, I was Vice President for Sales and Marketing at a company called Advocate Development Corporation, which was in the business of building large scale database management systems for fundraising campaigns for nonprofit corporations. The problem that ADC faced was that their database systems grew so big that personal computers didn’t have the computing power or the storage capacity to handle them. When you are trying to manage the data for millions of contributions spreading over a number of years, the dataset gets really, really big.
So, Randall, the founder of the company, whose last name has been redacted from my own personal memory banks, hit on the idea of parsing out parts of the database, and parts of the processing jobs required to manage the database, to any computer that he could find on the internet that was in idle mode, borrowing MIPS (millions of instructions per second, the benchmark for computer performance back then) from that CPU to parse a segment of the database and then pass it back to the host. (High speed cable access was just becoming available at affordable prices. This could never have been done on dial-up modems, of course.)
The concept was simple to describe but difficult to execute, and Randall drove himself to the edge of collapse trying to make it work. I never thought it would, because I had previously been involved with another hardware scheme called PC Share, which offered consumers a primitive local area network by using one PC to host up to four separate machines, each machine being an exact clone of the motherboard on an IC card that plugged into a slot in the PC. This way, up to five users could share the same hard drive and have access to the same data at the same time, which was a primitive demonstration of the concept Randall was working on. PC Share worked, but it wasn’t an optimal solution, because every time the host computer crashed, all five users would lose all their work, and it didn’t survive as prices for computers continued to drop.
Right off the bat, if you’re a programmer, you can think of a bunch of reasons why Randall’s idea wouldn’t work, the most important one of which was the data losses that could occur if the owners of the computers simply turned the machines off while they were in the middle of an instruction. (I’m skipping over the ethical questions because they are too obvious to mention. It wasn’t actually illegal, but it should have been.)
The really interesting thing about that system was that it would operate in the background, without the owner of the computer even being aware that it was being used by someone else…and this is exactly what the cryptojackers are doing, which makes me wonder what my former colleagues are doing for a living these days.
How Bitcoin Miners Hijack Your Computer
Cryptojacking starts when a bent bitcoin miner delivers some malicious code to your computer, which can be done in many different ways: through an advertisement with an enticing “click me” message, an image embedded in an innocuous email, or just a link to another article. Once the code is installed, it calls home (the cryptojacker’s nest) and sets up a link through your internet connection so that the cryptojacker can use your computer’s processing power – and your electricity – to process parts of the algorithm the cryptojacker is trying to break.
There’s a lot of information available about how bitcoin miners operate, so I am not going to get into that. Instead, let’s just talk about why this is important to you and what you can do about it.
Why Cryptojackers are Cryptojacking
Well, in one word, money.
Bitcoin miners spend large sums of money putting together arrays of networked microprocessors and hooking them up so that they can process the computations required to mine bitcoins. In addition to an initial investment of sometimes hundreds of thousands (and now tens of millions) of dollars, bitcoin mining operations also devour large amounts of electricity to run their computer arrays and to run the air conditioning they need to cool their microprocessors. Electrical bills in the hundreds of thousands of dollars are common. Bitcoin mining is not an ecological activity.
Bitcoin mining operations have actually become so expensive that in some cases it costs more to produce the bitcoins than the coins are actually worth. So, instead of spending all that money on the hardware and the juice required to run the hardware, why not borrow other people’s computers when they’re not using them, and use other people’s electricity to break the encryption, solve the puzzle and claim the reward in bitcoins?
The process for using computers on the internet is virtually the same as using networked microprocessors in a central location, so they don’t have to reinvent the wheel; they just have to borrow yours. The technology for doing this has been around for decades, but no one ever found a good enough reason to use it until now.
Why This is Important to You
The most important reason is that, if your electronic devices are under siege by a cryptojacker, your devices will not operate properly. Your computer will slow down and heat up. Your cell phone will slow down and heat up. Anything in your home that has an electronic brain that is attached to the internet can become a crypto-clone work station. (This could include your car, by the way, if it has a built-in wifi connection.)
When computer enhanced devices heat up, they age more quickly. Components break down. This is especially true for cell phones, which are more vulnerable to overheating because they have no cooling fans built into them.
Cryptojackers are also sticking their hands deeply into your pockets. If your electrical bills are going up for no good reason, you may be subsidizing a cryptojacker who could be halfway around the world or just around the block, without ever realizing it.
What Can You Do About It
With computers, like many other things in life, an ounce of prevention is worth a pound of cure, so one of the easiest things you can do is to make sure that you practice safe computing.
Fraud experts frequently caution consumers that they should not do business with anyone who calls them out of the blue to offer goods or services. No matter how good the deal sounds, you’ve probably just been cold-called by a con man. Believe it or not, you can get into big trouble simply by answering, “Yes” when a stranger on the phone asks if you’re you. When you say “Yes,” that one word can be recorded and used as evidence that you agreed to something you never agreed to.
By analogy, safe computing begins with not visiting websites where your computer could get infected. That means not following links to unfamiliar sites, and not clicking on advertisements that pop up on your computer screen from companies you’re not familiar with. Just clicking on the advertisement can infect your computer with a Trojan program that will install the cryptojacker’s code on your machine.
Of course, you’re running the strongest antivirus program you can get your hands on, although there are several that aren’t all they’re cracked up to be, but there are also things you can do to monitor your computer’s performance. (I’m not mentioning any particular antivirus program because that would be a hearsay recommendation. I’ll just say that at one time or another I’ve used them all but I am now using Malwarebytes.)
If you are using a Windows computer you can use the Task Manager to monitor your computer’s performance. Simply right click on the task bar and click on start task manager. (On Apple products, bring up the Activity Manager.)
Once you have this utility open, the first thing you should check is the performance monitor. Click on the Performance tab, and check out your CPU usage. CPU usage goes up and down when you are loading programs but your CPU usage should remain under 20 percent unless you are loading programs, streaming music or running videos. (One video clip embedded in a web page can push your CPU usage up to 90% on an 8 GB machine.)
If your Performance meter shows your CPU usage at a consistent 90 percent, you might want to check out your machine more thoroughly. Check your Networking monitor and see if there are other people on your local network. Check Users to see if there is someone else logged into your computer. If any of these things show up, it’s time to run a virus scan…or maybe get a new antivirus program.
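The same check can be run over logged CPU readings instead of watching the meter. The Python example below is added here and is not from the original article; it scans constructed readings for stretches at or above 90 percent and ignores brief spikes such as a video loading. The five-minute cutoff for "consistent", the sample format and the process names are assumptions.

```python
from collections import Counter

HIGH = 90.0        # percent: the "consistent 90 percent" level from the text
MIN_SECONDS = 300  # assumption: how long a run must last to count as consistent

def sustained_high_cpu(samples, high=HIGH, min_seconds=MIN_SECONDS):
    """samples: time-ordered (t_seconds, total_cpu_pct, top_process_name) tuples.
    Returns one finding per run at or above `high` lasting at least min_seconds."""
    findings, run = [], []
    for sample in list(samples) + [None]:  # sentinel flushes the final run
        if sample is not None and sample[1] >= high:
            run.append(sample)
            continue
        if run and run[-1][0] - run[0][0] >= min_seconds:
            top, hits = Counter(s[2] for s in run).most_common(1)[0]
            findings.append({
                "start": run[0][0],
                "end": run[-1][0],
                "avg_cpu": round(sum(s[1] for s in run) / len(run), 1),
                "top_process": top,                    # what to look up or scan first
                "top_share": round(hits / len(run), 2),
            })
        run = []
    return findings

def build_trace():
    """Constructed one-minute readings: idle, one video spike, then a long busy run."""
    trace = [(t, 10.0, "explorer.exe") for t in range(0, 300, 60)]
    trace.append((300, 92.0, "browser.exe"))   # single spike, e.g. a video loading
    trace.append((360, 18.0, "explorer.exe"))
    # helper_svc.exe is a made-up name standing in for an unfamiliar process
    trace += [(t, 95.0, "helper_svc.exe") for t in range(420, 1080, 60)]
    trace.append((1080, 12.0, "explorer.exe"))
    return trace

if __name__ == "__main__":
    for f in sustained_high_cpu(build_trace()):
        print(f"{f['start']}s-{f['end']}s avg {f['avg_cpu']}% top process {f['top_process']}")
```

A finding here is only a reason to look closer at the named process and run a scan; legitimate work such as video encoding produces the same pattern.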
Is cryptojacking such a terrible thing? Not really. In many cases, you wouldn’t even know it was happening…unless the cryptojackers told you so, which is exactly what the cryptopirates at Salon.com are doing. That’s right. Salon.com, the holier-than-thou liberal website (with which I was once tangentially associated) is actually attempting to make money by using your “excess computing power” to mint bitcoins in exchange for suppressing their ads.
It’s a brilliant idea. Salon has millions of readers and, if those readers don’t want to see Salon’s advertising, they can give Salon permission to run their bitcoin mining operation through their computers. As long as they are asking permission, what could go wrong?
Right, giving someone you don’t know access to your computer to do something you don’t understand with the guarantee that it won’t affect anything. That sounds like a really good idea. I wouldn’t do it, but then I don’t spend any time on Salon either.