
Mobile Devices Cryptocurrency Scams

Cryptocurrency features, such as having no central regulating authority, being immutable, and having relative anonymity, make it a high-profile target for hackers. And these days, more people own and spend time on mobile phones than they do on PCs. Crypto hackers are well aware of this and have mastered the art of targeting user funds using deceptive mobile apps.

In this writeup, we’ll highlight the most prevalent ways crypto fraudsters are targeting mobile phone users. When you identify the red flags, it’s easier to protect yourself and your crypto. We’ll also list a few steps that you can follow to protect yourself against every type of scam. 

1. Fake Crypto Exchange Apps

Fake cryptocurrency exchange apps are one of the ways scammers can target crypto holders. Such apps, either on a dedicated website or app store, are designed to steal user data. Victims of such fraud will have their data compromised, and they could lose their funds as a result. 

A famous example of this scam is the several fake versions of the Poloniex exchange app that were released before the legitimate app’s release in July 2018. Many of these apps were listed on Google Play. People that downloaded these apps had their information massively compromised, and they lost money in the process. 

Below are ways in which you can protect yourself from a cryptocurrency exchange scam: 

  • Check the exchange’s official website to see if it has an app at all. If so, use the official link provided by the website to download the app.
  • Check reviews. Reviews can be a reliable way to identify a scam app. If the review section is full of negative reviews and ratings, you might want to steer clear. In the same vein, watch out for an app with nearly all-perfect reviews. A legitimate product will at least have some negative reviews.
  • Confirm whether the developer is legit by looking at their online presence. See if their information is related to a legitimate exchange.
  • Check how many times the app has been downloaded. A popular and legitimate app will likely have a substantial number of downloads as opposed to a fake one.
  • Enable two-factor authentication on your accounts. It’s harder for a scammer to get past this.

2. Fake Wallet Apps

These are scam wallets that are designed to trick users into sharing personal information, sending funds to attacker-specified addresses, and so on. Apps like these are created all the time. In the past, cryptos like Bitcoin, Ethereum, and Neo have been targeted, causing users to lose funds.

Below are tips to avoid this scam:

  • Apply the precautions for fake crypto exchange apps highlighted above
  • Ensure that completely new addresses are generated the first time you open the app and that the private keys and/or mnemonic phrases are in your hands.
  • Check whether the app allows you to generate public addresses.

3. Cryptojacking Apps

Cryptojacking is when malware uses your device’s processing power to mine cryptocurrency. Although mobile phones have way less computing power than computers, that hasn’t dissuaded cybercriminals from using them for cryptojacking.

A cryptojacking app will often be disguised as a legitimate app for gaming, educational, or other legit use. In reality, such an app will surreptitiously use your phone’s processing power to mine crypto in the background. Other apps will be advertised as legit mining apps, but any rewards will go to the developer and not the user. Usually, such an app will employ an extremely lightweight mining script to avoid detection.

Cryptojacking is harmful because it degrades your phone’s performance and causes it to wear out faster. In some cases, cryptojacking apps can even be Trojan horses hiding even more malicious software.

This is how to protect against cryptojacking apps:

  • Only download apps from legit sites like Apple’s App Store and Google’s Play Store. Ensure the app is marked as ‘Verified.’
  • Check if your phone is draining the battery too quickly and remove any apps responsible.
  • Regularly update your apps, so any security bugs are fixed.
  • Use browsers that have anti-cryptojacking software in place. Also, use browser plugins such as minerBlock and No Coin.
  • Install and regularly update your anti-malware software.

4. Fake Mining Apps

These are apps that purportedly mine crypto, but all they do is display ads. The apps trick users into keeping them installed by showing supposed rewards that increase over time. However, these apps are not actually mining crypto. Instead, the developers are profiting from your watching of the ads.

The best way to steer clear of this scam? Understand that for the majority of cryptocurrencies, mining is done with specialized computers known as ASICs. Any mining proceeds from mobile mining are extremely trivial and not worth the effort.

5. Clipper Apps

These are apps that hijack your transactions and replace your address with that of the hacker. With these apps, when you copy the right address, the one you paste is actually that of the attacker.

To avoid this scam, take these precautions when processing a transaction: 

  • Double-check the address before you hit ‘Send.’ 
  • Check not just portions of the address, but the whole thing. Some hackers are smart enough to use an address that resembles yours.
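
The whole-address check described above, as an added Python example that is not part of the original article. It compares a pasted address with the intended one and shows that matching first and last characters, or a valid Base58Check checksum, does not prove the address is the one you copied. The payload bytes, the sample addresses and names such as `check_paste` are constructed for illustration.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def _checksum(data: bytes) -> bytes:
    """First 4 bytes of double SHA-256, as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]


def b58check_encode(version: int, payload: bytes) -> str:
    """Encode version + payload + checksum (used here only to build samples)."""
    data = bytes([version]) + payload
    data += _checksum(data)
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = ALPHABET[r] + out
    zeros = len(data) - len(data.lstrip(b"\x00"))
    return "1" * zeros + out


def b58check_valid(addr: str) -> bool:
    """True if addr is valid Base58 and its trailing 4-byte checksum matches."""
    n = 0
    for ch in addr:
        idx = ALPHABET.find(ch)
        if idx < 0:
            return False          # characters such as 0, O, I, l are not Base58
        n = n * 58 + idx
    zeros = len(addr) - len(addr.lstrip("1"))
    data = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(data) > 4 and _checksum(data[:-4]) == data[-4:]


def check_paste(intended: str, pasted: str, ends: int = 4) -> dict:
    """Compare the address you meant to use with what was actually pasted."""
    intended, pasted = intended.strip(), pasted.strip()
    first_diff = next(
        (i for i, (a, b) in enumerate(zip(intended, pasted)) if a != b),
        None if len(intended) == len(pasted) else min(len(intended), len(pasted)),
    )
    return {
        "full_match": intended == pasted,   # the only result that means "safe"
        "ends_match": intended[:ends] == pasted[:ends]
        and intended[-ends:] == pasted[-ends:],
        "checksum_ok": b58check_valid(pasted),
        "first_diff": first_diff,           # index of the first differing character
    }


# Constructed sample data: arbitrary payload bytes, not real wallets.
INTENDED = b58check_encode(0x00, b"\x11" * 20)
SWAPPED = b58check_encode(0x00, b"\x22" * 20)  # different, but well-formed
# Constructed lookalike string: same first and last 4 characters, altered middle.
LOOKALIKE = INTENDED[:4] + "".join(
    ALPHABET[(ALPHABET.index(c) + 1) % 58] for c in INTENDED[4:-4]
) + INTENDED[-4:]

if __name__ == "__main__":
    for label, pasted in [("same", INTENDED), ("swapped", SWAPPED),
                          ("lookalike", LOOKALIKE)]:
        print(label, check_paste(INTENDED, pasted))
```
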

6. SIM Swapping 

This is one of the most serious threats. A SIM swap is a scam in which an attacker gains control of your phone number. They do this by convincing your service carrier that you want to transfer your phone number to a new SIM. Once the transfer is done, the attacker can now access all kinds of data that are related to your phone – from calls to text messages to various accounts’ details. It also means any personal and financial info tied to those accounts is in their possession. This includes crypto wallets and exchanges. 

Crypto entrepreneur Michael Terpin’s SIM swap saga should illustrate this very well. Terpin alleged that he lost over $20 million worth of crypto as a result of AT&T’s recklessness with the handling of his phone number.

Here’s how to avoid falling prey to a SIM swap scam:

  • Don’t use your mobile number for two-factor authentication. Instead, use an authenticator app like Google Authenticator or Authy. Other alternatives are hardware authentication devices such as YubiKey or Google’s Titan Security Key.
  • Never reveal your phone number in places like social media. Imposters will readily use such info to impersonate you.
  • Be discreet about your possession of cryptocurrency on social media. This can make you a target. And if folks already know you own crypto, don’t reveal info such as the exchange or wallet you use.
  • Talk to your SIM service provider about adding an extra layer of protection, such as a PIN or password to your phone number.

7. Public WiFi

Public WiFi is another entry point for crypto scammers to gain access to your phone and steal funds. Public WiFi is usually open for everyone, and this makes any device using it vulnerable to hacking. For this reason, employ extra precautions every time you use public WiFi. Even better, avoid using public WiFi at all. 

Final Thoughts

Mobile phones are now involved in every aspect of our lives. From entertainment to work to finances, the mobile phone is nearly indispensable. But that ubiquity is also a vulnerability. And this can’t be truer for crypto holders. Now that you’re aware of the loopholes that crypto swindlers can exploit, you’re better placed to protect yourself and your funds.


How to Prevent, Detect and Recover from Cryptojacking 

As cryptocurrencies grow in popularity and value, they continue to face cyber threats due to their internet-based nature. The most common threats are security breaches targeted at individuals and firms holding significant amounts of digital currencies. 

Over the years, as crypto mining has become expensive but still lucrative, cryptojacking has become the latest threat facing virtual currency users. 

What is Cryptojacking? 

Generally, cryptojacking is the unauthorized use of a computer, tablet, or smartphone by a cybercriminal to mine cryptocurrencies. The process is pretty straightforward as all the hacker has to do is send you a malicious link or infect a website with malware. Once you open the link or the website, the malware auto-executes on your device and starts mining cryptos in the background.

The attack might also be targeted at a business’s cloud platform. By hacking into this platform, the cybercriminals tap into its computing resources, resulting in increased cloud usage costs at the expense of the business or institution.

You might think that cryptojacking was rampant only in 2017 when the market was booming. On the contrary, recent data suggests that the practice has been on an upward trend even in the bearish market. The reason for this is that as the crypto-market turns bearish, mining doesn’t generate enough profits to cover the resources used. This has led cybercriminals to resort to siphoning computational power from unsuspecting victims as a cheaper and less risky alternative to earning returns. 

Most cryptojacking is done using a JavaScript miner, which is also used for legitimate mining. This means that a perpetrator doesn’t require high technical skills since the miner can easily be bought as a complete kit. What’s worse, it’s impossible to trace a miner to a particular hacker since the mining code doesn’t encrypt their data. This is especially true for anonymous cryptos such as Monero and Zcash, which makes it harder to trace cryptojacking activities.

How to Detect and Recover from Cryptojacking

It may be hard to trace a cryptojacking hacker, but that doesn’t mean it is impossible to know if your device is compromised. All it takes is just paying attention to your device’s performance. So, here’s how to find out if your device has been infected with crypto mining scripts. 

i) Overheating 

Cryptojacking code tends to use a lot of electric power, causing your device to overheat. If left unresolved, overheating can damage other hardware, such as the storage drive, leading to expensive repairs. Keep in mind that overheating doesn’t necessarily mean your device has been compromised. It can also be caused by unrelated issues such as a damaged fan or dust clog-up. So, ensure your device is always in good condition to make it easy to detect overheating caused by cryptojacking.

ii) Notice Lag in Performance

Cryptomining code slows down your device’s performance, as it overworks the Central Processing Unit (CPU). You’ll easily notice the lag when performing basic functions such as opening files or typing in details. 

Alternatively, you can look at your CPU’s level of usage from the Task Manager tab on your PC or Activity Monitor on a Mac computer. If the CPU usage is higher than usual, then there’s a good chance that a cryptomining script is running in the background.

iii) Scan for Malware 

Making use of your device’s security software is one of the best ways of detecting cryptojacking scripts. Although not all scripts can be detected, scanning for these malicious scripts regularly can save you the damage. You should also ensure your security software is always up to date for effectiveness. 

Additionally, if you own a website, it is advised that you scan for any changes in your code. This is where cybercriminals embed cryptojacking codes, so monitoring your site can help you detect threats early enough.
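
One way to scan a site’s code for changes, as an added Python example that is not from the original article. It records a SHA-256 baseline of every file, reports what was added, removed or modified since, and lists script URLs that were not on the reviewed page. The file names, the `cdn.example.invalid` URL and all function names are constructed for illustration.

```python
import hashlib
import tempfile
from html.parser import HTMLParser
from pathlib import Path


def snapshot(root):
    """Map each file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def diff_snapshots(baseline, current):
    """Files added, removed or modified since the baseline was taken."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        # Any byte-level change counts, so an inline <script> edit shows up here.
        "modified": sorted(f for f in baseline.keys() & current.keys()
                           if baseline[f] != current[f]),
    }


class _ScriptSrc(HTMLParser):
    """Collects the src attribute of every <script> tag."""

    def __init__(self):
        super().__init__()
        self.sources = set()

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "script" else None
        if src:
            self.sources.add(src)


def script_sources(html):
    parser = _ScriptSrc()
    parser.feed(html)
    return parser.sources


def new_script_sources(reviewed_html, current_html):
    """Script URLs on the current page that were not on the reviewed one."""
    return sorted(script_sources(current_html) - script_sources(reviewed_html))


def demo():
    """Constructed site: take a baseline, simulate an unexpected edit, compare."""
    clean = '<html><script src="/js/app.js"></script></html>'
    tampered = clean.replace(
        "</html>", '<script src="https://cdn.example.invalid/m.js"></script></html>')
    with tempfile.TemporaryDirectory() as d:
        site = Path(d)
        (site / "index.html").write_text(clean)
        (site / "about.html").write_text("<html>About</html>")
        baseline = snapshot(site)            # taken after a reviewed deploy
        (site / "index.html").write_text(tampered)
        changes = diff_snapshots(baseline, snapshot(site))
    return changes, new_script_sources(clean, tampered)


if __name__ == "__main__":
    print(demo())
```
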

iv) Keep Tabs on Cryptojacking Trends

Cybercriminals are always improving and devising new ways of siphoning your device’s computational power. Staying on top of the latest trends will help you keep up with the scripts’ improvements as you also learn how to detect them. You can get the latest news on cryptojacking from reliable sources such as CoinDesk, CryptoSlate, and other top cryptocurrency blogs.

Once you know how to detect cryptojacking, it’s pretty easy to recover from it. If you are dealing with a JavaScript attack, your first response should be to kill all running tabs. In the same vein, you should uninstall any suspicious browser extensions. Also, blacklist the website from which the attack originated. It’s also advised that you deploy anti-malware to avoid further attacks.

With this in mind, let’s look into how you can prevent cryptojacking in the first place. 

Ways of Preventing Cryptojacking

Here are some preventative measures you should take to safeguard your device from cryptojacking:

  • Security Training 

Security training involves building awareness of what cryptojacking attacks look like. This method works perfectly in a business or institutional setting where there are many employees, some of whom aren’t aware of cryptojacking. 

Essentially, the training should be aimed at educating employees on cybersecurity tips such as not clicking on phishing emails or suspicious sites, and downloading files from trusted sources only. 

You may also consider training your IT team on how to identify various attack methods and necessary actions to take to mitigate the threats. 

  • Disable JavaScript

Disabling JavaScript when browsing online can prevent cryptojacking scripts from running on your computing devices. You can disable it on a single page of a site or even within the entire website. Keeping in mind that JavaScript is widely used by most sites, you should expect some web features to fail to work.

  • Use Anti-Cryptojacking Extensions

Most of the cryptojacking scripts are found in web browsers and online sites. As such, installing trusted anti-cryptojacking extensions such as minerBlock and No Coin is an effective way of preventing cryptojacking. Ad-blockers can also help detect and block malicious scripts. 

Conclusion

Cryptojacking is not only a threat to the digital currency community but also to everyone who has a computing device. Like any other cybersecurity threat, it is almost impossible to anticipate cryptojacking or even stop it from happening. The only sure way of dealing with these threats is through the early creation of awareness, detection, and prevention. 


Cryptojacking Infections Drop by 78% After Interpol Crackdown in Asia

Sting operations coordinated and carried out by international crime-fighting agency Interpol in Southeast Asia to stem the proliferation of cryptojacking malware have resulted in a massive 78 percent drop in infections.

Interpol was forced to take action after more than 20,000 routers were infected with the Coinhive cryptojacking malware that cybercriminals installed in MikroTik routers. In the six months between June 2019 and January 2020, the agency, assisted by Trend Micro, a global leader in cybersecurity and enterprise data security, carried out the sting dubbed Operation Goldfish Alpha that ultimately reduced the number of infected routers by almost four in every five.

What is cryptojacking?

Cryptojacking, also known as malicious crypto mining, became very rampant around the world from around mid-2017 through 2018 and peaked in 2019. This is an emerging online crime threat that lives discreetly on computers, computer accessories, or mobile devices to use the system resources to mine various kinds of cryptocurrencies.

Cryptojacking is a new form of cybersecurity threat that was brought about by the possibility for hackers to use victims’ computer resources to mine cryptocurrency. According to a report by Kaspersky solutions released in the third quarter of 2019, cryptojacking has already overtaken other forms of cybercrime, including ransomware, in terms of prevalence and frequency.

This previously little-known menace can take over computer browsers, compromise routers to proliferate among devices on a network, and even ‘hijack’ servers to mine digital assets without the owners’ awareness. Like many other malicious attacks on computers, the primary motive for cryptojacking is profit. 

Interpol revealed the outcome of Operation Goldfish Alpha in a press conference in Singapore on January 8th. The agency made the startling revelation that hackers took advantage of a vulnerability in MikroTik routers to infect over 100,000 routers around the world. It pointed out that the operation focused on the ASEAN (Association of Southeast Asian Nations) region after its intelligence showed that the highest number of infections (about 18 percent) was in the region.

International collaboration vital to fighting cryptojacking

Cryptojacking is a new kind of cybercrime that came about with the introduction of cryptocurrency or digital money. It is a kind of threat that the security agencies were not prepared to tackle before. To make Operation Goldfish Alpha a success, Interpol’s Global Complex for Innovation (IGCI) and Cyber Foundation projects partnered with various organizations in the private cybersecurity sector, including Cyber Defense Institute and Computer Emergency Response Teams (CERTs).

The operation identified and targeted victims in 10 countries in the Southeast Asia region. They are: Singapore, Indonesia, Brunei, Laos, Cambodia, Malaysia, Philippines, Myanmar, Vietnam, and Thailand. Interpol’s special computer crimes team also sought assistance from the national police of the targeted countries to come up with guidance documents that they used to guide victims in removing the miner script from their routers, patching the vulnerability, and preventing re-infections.

Interpol officials announced that by late November and early December 2019, the number of devices infected with the Coinhive malware had reduced by 78 percent. At this time, the operation to remove infections from remaining devices was ongoing, and the agency was optimistic that the number of infected devices would drop even further.

The main takeaway from the conference was that fighting such a crime is easier and more successful when various private security institutions, national police organizations, and international cybercrime prevention agencies collaborate and share intelligence. Detecting and removing the Coinhive malware from infected devices is easier and more straightforward now because of this. Interpol has declared this malware a less serious threat than it was before Operation Goldfish Alpha as more end-users understand what the malware is and how it works.

Cryptojacking remains a serious threat

Despite the Coinhive virus being practically defeated, cryptojacking remains a serious threat to all kinds of devices, and end-users should be vigilant to stay safe from it. During the conference in Singapore, Interpol’s director of cybercrime Craig Jones emphasized the need for the police everywhere in the world to form strong partnerships with players in the cybersecurity industry to quickly identify and neutralize any emerging cryptojacking scripts before they proliferate as far as Coinhive did.

“By combining expert data on emerging cyber threats collected and analyzed by the private sector with reports of the investigative capabilities of law enforcement, it will be easier to protect communities and individuals from all kinds of cybercrimes – new and existing,” said Craig Jones, the Interpol director.

Interpol listed a number of other notable bodies that played major roles in the success of the Goldfish Alpha operation, including The National Cyber Security Center of Myanmar.

As the world embraces cryptocurrencies and blockchain technologies, it is expected that there will be more cases of new cryptojacking malware that exploit different vulnerabilities and affect different devices. As a matter of fact, there are cases of cryptojacking malware that use up the computer’s resources without actually infecting the computer itself. For instance, there have been cases of websites that drain a user’s computing power when they visit the website without requiring them to install any scripts.

The damage caused by cryptojacking malware

If you are a victim of cryptojacking, you may not notice it right away, if at all. Most cryptojacking malware is designed to operate stealthily in the background, stealing as much of the computer’s resources as possible for as long as possible without being detected. The effect is that a computer runs slower than it should while using more power than normal. A user may notice higher electricity bills and a shorter device life without being able to pinpoint where the problem is.

Depending on how subtle the cryptojacking malware is, there are a number of red flags to look for when you suspect that your device is infected. On top of the list is a significant slowdown of the device and the cooling fan running faster and longer than normal. Interpol recommends that you diagnose your system to rule out all other potential causes of poor device performance and disconnect from the internet to determine if your device is infected with cryptojacking malware.