9 November 2017

Could your computer be making someone else rich?

Fortinet, the global player in high-performance cybersecurity solutions, has issued an advisory urging users to check their computers if the devices seem to be slowing down sharply. They could unwittingly be donating computing power to cybercriminals engaged in "browser cryptojacking".

Fortinet’s FortiGuard Labs researchers have been discovering more and more such incidents, which are essentially a new trick for stealthily mining Monero cryptocurrency using stolen CPU resources, the company said. This is done by loading a rogue script into the web browser. The script contains a unique site key that enriches cybercriminals with Monero currency every time users visit certain websites.

Browser cryptojacking was discovered last September when a new technology to mine Monero cryptocurrency within web browsers surfaced. The script was written in JavaScript and is easily embedded into any web page. Once a computer user visits compromised pages, their computing power is hijacked for mining the currency*. The more time users spend on such web pages, the more CPU cycles can be consumed. Hackers typically pick illicit video streaming web sites, where people stay for hours watching movies or TV serials, to plant such scripts.

Back-of-the-envelope calculations by security researchers show that cryptojacking can be lucrative: hackers targeting popular illicit sites like The Pirate Bay can earn up to US$12,000 per month.

Fortinet advises that if users hear computer fans running at full speed without any apparent reason, they can check their CPU usage. Open Task Manager on Microsoft Windows by pressing the [Ctrl]+[Shift]+[Esc] keys at the same time, open Activity Monitor on the Mac, or run top at the Linux command line.

The above commands will list all the processes running on the computer, allowing users to find the culprit (usually the web browser, e.g. Google Chrome) by ranking which process or software has the highest CPU consumption. Once identified, stop the culprit by right-clicking on the process and selecting “end task”, “kill” or “terminate” respectively. This ends your current connection to the compromised website. After that, users can reopen their browsers and visit other sites without problems.
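The Linux side of the check described above can also be scripted. The following is an added example, not code from Fortinet or the original article: it takes two snapshots of /proc a few seconds apart and ranks processes by the CPU time they consumed in between, which is roughly what top displays. The function names and the 3-second interval are assumptions chosen for illustration.

```python
import glob
import os
import time

def parse_stat(line):
    """Return (pid, name, cpu_ticks) from one /proc/<pid>/stat line."""
    # The process name sits in parentheses and may itself contain spaces
    # or ')', so locate the last ')' instead of splitting on whitespace.
    lpar, rpar = line.index("("), line.rindex(")")
    pid = int(line[:lpar])
    name = line[lpar + 1:rpar]
    fields = line[rpar + 1:].split()        # fields[0] is field 3 (state)
    utime, stime = int(fields[11]), int(fields[12])   # fields 14 and 15
    return pid, name, utime + stime

def snapshot(proc="/proc"):
    """Map pid -> (name, cpu_ticks) for every readable process."""
    snap = {}
    for path in glob.glob(os.path.join(proc, "[0-9]*", "stat")):
        try:
            with open(path) as fh:
                pid, name, ticks = parse_stat(fh.read())
        except (OSError, ValueError, IndexError):
            continue                        # process exited while being read
        snap[pid] = (name, ticks)
    return snap

def rank(before, after, seconds, hz):
    """Rank processes by percent of one CPU core used between snapshots."""
    out = []
    for pid, (name, ticks) in after.items():
        # Skip processes that started (or whose pid was reused) in between.
        if pid in before and before[pid][0] == name:
            pct = 100.0 * (ticks - before[pid][1]) / (hz * seconds)
            out.append((round(pct, 1), pid, name))
    return sorted(out, reverse=True)

if __name__ == "__main__":
    interval = 3                            # assumed sampling window, seconds
    hz = os.sysconf("SC_CLK_TCK")           # kernel clock ticks per second
    first = snapshot()
    time.sleep(interval)
    second = snapshot()
    for pct, pid, name in rank(first, second, interval, hz)[:5]:
        print(f"{pct:6.1f}%  {pid:>7}  {name}")
```

A browser process that stays near the top of this list while only one tab is open is the pattern the advisory describes; values above 100% mean the process is using more than one core.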

The next step is to prevent your computer from being cryptojacked again. Install an anti-adware web browser extension, as well as web filtering and antivirus tools on your computer, and keep these updated. Fortinet also advises users to refrain from visiting illicit sites.

“When using computing devices, it pays to always be situationally aware and look out for anomalous things, be it your fan speeding up or an email offering something too good to be true,” said David Maciejak, Director of Security Research, Fortinet. “Cyberspace is a perilous place full of schemers trying to take advantage of the gullible. Deploying the right security tools to protect yourself will help, but being cautious and thinking twice before taking any action will also go a long way in preserving your money, confidential data and computing experience.”

*This refers to making complex mathematical calculations that satisfy certain rules to successfully "discover" a unit of cryptocurrency. Each computer that helps to make the calculations is assigned a unique serial number and is entitled to a share of that unit. Many attempts have to be made to mine cryptocurrency successfully, ensuring its scarcity.