Your computer or smartphone might be helping criminals crank out thousands of dollars in online currency, and you wouldn’t even know it.
In the latest case, the Russian online security firm Kaspersky says a downloadable program has generated more than $40,000 by operating in the background on victims’ phones, laptops and work computers. The program has been dubbed “PowerGhost,” and it has yet to be stopped.
Cybercriminals have also found ways to exploit victims’ computers through their web browsers. In one case from January, someone inserted a line of cryptojacking code into an advertisement on YouTube. Victims saw their computers slow to a crawl when the advertisement appeared, as their processors were hijacked to generate money for the cybercriminal.
Experts say potentially thousands of websites and hundreds of thousands of users have been affected by a form of cryptojacking, although its stealthy nature makes it hard to nail down concrete numbers.
Raj Samani, the chief scientist at antivirus-maker McAfee, says cryptojacking is “one of the fastest-growing areas of cybercrime.”
Here’s how to protect yourself in the new age of cryptojacking.
What are they stealing?
Cryptojacking is all about generating cryptocurrency, an anonymous, decentralized form of online money that can be used to purchase a wide variety of goods and services from internet retailers.
Anyone can “mine” their own cryptocurrency by using a computer to solve complex math problems. However, the process can be time- and energy-intensive, making it hard to turn a profit without a large operation or a cheap source of power.
With cryptojacking, hackers are essentially making their victims’ computers do all the work for them. They secretly force thousands of computers to solve math problems in the background, then have the resulting cryptocurrency sent to their own digital wallet. Each computer generates only a small amount of revenue, but their combined efforts can mean big bucks for the cybercriminal.
“It’s the theft of computer resources and it’s the theft of energy,” said Troy Mursch, a researcher with the internet security firm Bad Packets Report.
“They’re stealing your resources to mine cryptocurrency for themselves, and that money goes directly into their pocket.”
This makes corporate networks particularly attractive for cybercriminals, because every computer on the network could be forced to mine cryptocurrency, he said.
“The individual device may not be making the guy rich, but when you rope all these together, … it starts to add up,” Mursch said.
How to spot it
Experts say it’s tough to spot a cryptojacker because it operates like a parasite, siphoning just enough computer resources to remain unnoticed.
Mursch says victims might notice their computer fan switching on when a cryptojacker is operating, because it’s using up more processing resources.
“You lose your work, you lose productivity, and obviously electricity bills are going to go up.”
Samani says the best way to avoid a direct infection is to simply make sure your antivirus is up to date. However, when it comes to cryptojackers embedded in a website, security experts are still trying to catch up.
Mursch recommends a browser extension called MinerBlock, which operates like an ad-blocker for cryptojacking.
“It blocks 99.9 per cent of cryptojacking,” said Mursch, who adds that he doesn’t make any money off the program.
Samani says McAfee is working on its own version of a cryptojacking blocker.
Booming with Bitcoin
Cryptocurrency captured investors’ imaginations last September when its signature currency, Bitcoin, abruptly surged in value. Other, lesser-known cryptocurrencies such as Ethereum and Dogecoin followed suit, leading to an overall rise in the value of cryptocurrency.
Samani says cryptojacking spiked by 1,189 per cent from last September to March, in direct response to the cryptocurrency boom.
“There’s a direct correlation in the growth of miners compared with the price of cryptocurrencies,” Samani told Global News from the McAfee Lab in the United Kingdom.
He added that cryptojacking is quickly becoming more popular among criminals than ransomware, which locks up the victim’s computer and demands a big payout.
“There is a belief that [cryptojacking] is not as confrontational, and therefore it’s not going to get the level of attention from law enforcement that maybe a [ransomware attack] would have,” Samani said.
Mursch says cryptojacking is typically used to generate Monero, an untraceable cryptocurrency that is popular among online criminals. Monero is worth approximately US$120 on the market at this point.
“Once Monero is mined, you don’t know where that money goes,” Mursch said. “It’s free, dirty money.”
The future of ads?
Cryptojacking code isn’t entirely insidious. Some websites have started to use it for good, either to advance a charitable cause or as an alternative to on-site ads.
The New York City-based charity Bail Bloc asks users to “volunteer your computer’s spare power to get people out of jail.” Donors can download Bail Bloc’s program and let it run as a cryptojacker in the background to help the cause.
Unicef Australia embraced a similar strategy back in May, when it announced that users can donate by opening a cryptojacking webpage in their browser.
The news website Salon also experimented with cryptojacking as an alternative to advertisements.
However, Mursch says the Salon experiment failed because the site was slowing down too many computers.
“It needs a little more development work to be something that can replace advertisements,” he said. “We’re not there yet.”
Samani says cryptojacking is worth investigating as an alternative to ads, as long as sites are open and transparent with users about what they’re being asked to give up.
“I’m optimistic about it,” he said.
He adds that the future of cryptojacking will always be married to the value of cryptocurrency, for better or worse.
“Cryptojacking will just be a natural area of risk,” Samani said.