Digital currency is fuelling the latest Internet scam.
DIGITAL CURRENCY FUELS LATEST SCAM
Scores of Canadians dipped their toes into cryptocurrency mining in recent weeks — they just didn’t realize it.
A wave of so-called “cryptojacking” has been sweeping the internet, forcing unwitting web surfers into generating money for cybercriminals.
Hackers infect websites with malicious code that secretly conscripts visitors into an army of cryptocurrency miners. Cryptocurrency mining involves devoting a computer’s processing power to solving a complicated mathematical problem with digital currency offered as a reward.
The cryptojacking process is invisible and web surfers typically don’t even realize anything is happening in the background, unless they hear their computer’s fan kick in as the machine is forced to work at its full capacity. Once they leave the infected website, the cryptojacking stops.
Computer security researcher Troy Mursch recently identified as many as 50,000 websites that had been compromised by the latest hacking trend and said cryptojacking is in its “gold rush” stage.
An incident last month also exposed just how large the problem is becoming. On a quiet Sunday morning with most IT workers at home with their families, the websites of the Information and Privacy Commissioner of Ontario, the Centre for Addiction and Mental Health, and the municipal websites of cities including Yellowknife and Oshawa, Ont., were among thousands that were hit with an attack linked to a thirdparty accessibility app called Browsealoud.
More recently, the infected sites Mursch identified included thousands using the WordPress platform, which is favoured by bloggers and small businesses looking for an easy way to set up a web presence. Canadian mom- and- pop stores, wedding photographers and personal trainers were among those who had their websites turned into profit generators for hackers.
The scheme has proven so profitable that many hackers have been turning their attention away from trying to steal consumers’ personal information or hijack computers with so-called ransomware attacks, says Vancouver- based Jerome Segura, a security researcher with software company Malwarebytes.
“It’s not that it’s not happening anymore but it’s a lot less than it was in the last couple of years when ransomware was the main focus and causing mayhem,” Segura said, pointing to last year’s WannaCry global cyberattack that hit hundreds of thousands of computers including critical machines in hospitals.
“As long as the price of cryptocurrencies stays high, this is going to be the kind of activity that we’re going to see cybercriminals prefer.”
Mursch said his advice to WordPress users is to be diligent about installing software updates, which can be a very easy fix to address security vulnerabilities that arise.
He noted that many of the infected WordPress sites he found appeared to be abandoned by their owners but continued to “just float out there in the ether” loaded with code that could infect web surfers.
Segura said he hopes the cryptojacking trend won’t lead to internet users letting their guard down too much.
“If you take it too lightly and think, ‘Well, it’s not really affecting my computer much,’ what you don’t realize is it’s fuelling an economy that is benefiting criminals,” Segura said.
“This is dirty money that they’re making.”