How to Know if Your Computer Has Been Cryptojacked
Cryptojacking is the latest scam to get a fancy industry name. In a cryptojacking attack, your computer’s resources are going to be highjacked and put to work mining (i.e. conjuring up out of nowhere) cryptocurrency for someone else.
You can get cryptojacked in one of two ways…
The first way is pretty standard. Because cryptojacking scripts are essentially a form of malware, they can be delivered in the usual malwarey ways… by opening a malicious email attachment or by visiting a malicious website. If you do either of these things, then you will have installed a cryptojacking application on your device. And you’ll be burning electricity to mine cryptocurrency for someone else for as long as the application is present and the device is switched on.
The second way to become an unwitting crypto-miner is to visit a website that has had a cryptomining application added, either by a crafty website operator or by some third party – for example through the display of a malicious ad. In this case, you’ll be mining cryptocurrency for someone else for as long as your browser is visiting the infected website.
By now, you’re already well versed in how to spot scammy emails and shady attachments, so you’re not going to get stung that way. But you might get stung by visiting a cryptomining-ready website or one that’s displaying malware-laden ads (such as Youtube – see below).
The good news is that not all browsers will allow cryptomining applications to run. The bad news is that some do.
You can find out if your browser is susceptible to cryptojacking at the purpose-built https://cryptojackingtest.com/
This website is operated by the makers of the Opera web browser. Their goal for this site is to get you to discover your existing browser’s vulnerability to cryptojacking, and make the switch to the Opera browser.
No one likes change, so we’d rather not switch unless we really have to. So the question is - do we need to switch?
Like all good nerds, I have a bunch of browsers, but Google Chrome is the one that gets most use. Is Chrome vulnerable? Will Chrome silently run someone else’s cryptomining application without my permission?
Right now, the answer to that question is Yes. With the most recent Chrome update installed, I ran the cryptojackingtest.com test and yep, Chrome will happily load and run the cryptomining software.
Is there a solution that doesn’t involve switching browsers?
Happily, yes.
Enter uBlock Origin.
uBlock Origin (uBO) is a browser extension (plug-in) that blocks ads from showing on the web pages that we visit. This is helpful because online ads can be distracting. And more importantly, online ads can be made to install malware (such as cryptomining applications) on our devices. So uBO makes good sense (unless your business is dependent on ads).
And there’s even more good news! uBO also stops cryptomining applications from running. Right now, there are about 30,000 websites that have the Coinbase cryptomining application installed. If you were to visit any one of those websites, then your browser and device is going to be press-ganging into mining (Monero) coins for the website operator. This is going to slow your machine down to a crawl and be generally annoying. uBO stops this from happening.
So there you are. Three good reasons to install an ad blocker – or more specifically, the uBO ad blocker. For reference, uBO is free to use and is supported by donations made via their website.
Further Reading
Fun article on how to use Search to find websites that have the Coinbase cryptojacking application installed. There are 30,000+ as of today.
Salon.com gives visitors to their website a choice – view the ads or let us use your device to mine for cryptocurrency
Visitors to Youtube get stung by cryptomining-laden ads courtesy of scammers using Google ad network.