How hackers are using your device to aid cryptomining
Back in the “good old days” of computer malware, hackers would try to gain access to our computers with the aim of prising money out of us.
Whether they did this by tricking us into clicking a dodgy link or by more nefarious means, it was our hard-earned cash they were after. The last few weeks, however, have seen a marked and unusual shift in the world of online crime.
Crooks are becoming less keen on our money – they’re after our computer power instead.
As a result, the chips that power our phones, tablets and computers are being quietly hijacked and used to perform intensive number crunching, which slows our devices, drains their batteries and uses up electricity. The reason for all this: the creation (or mining) of cryptocurrencies such as Bitcoin.
The infamous Bitcoin, and its cousins such as Ethereum and Ripple, have hit the headlines repeatedly in the past few months as people observe wild fluctuations in their value and ponder the wisdom of buying them. But there is a way of getting hold of these coins that doesn’t involve currency exchange: instead, you use computer power to complete the complex mathematical puzzles that validate a “block” of cryptocurrency transactions.
If you manage to solve those tricky sums, you get a reward. For example, successfully mining one block of Bitcoin will yield a reward of 12.5 Bitcoins – currently equivalent to about US$100,000 (Dh367,315). Needless to say, this particular task is not an easy one: a high-end PC might take about 150,000 years to do so.
Nevertheless, enthusiastic miners have found themselves investing huge sums in computer hardware in the hope of “winning” these rewards, from powerful graphics cards (GPUs) to dedicated mining devices, but as cryptocurrencies gain more value, more power is needed to mine them. In the search for that extra computer power, hackers are now requisitioning it from an unsuspecting and unaware public.
Most of these nasty mining tools end up on our devices in the same way most malware does, such as opening a booby-trapped document or following a questionable web link.
New threats are appearing constantly. Last weekend saw thousands of Android phones infected with code that mines a cryptocurrency called Monero. (Another ongoing Monero-mining scheme has, so far, infected more than half a million Windows computers and generated some $3.6m of the currency.)
In recent weeks, malicious mining software has found its way onto devices via text messages, rogue links on Facebook Messenger and even via code embedded in Google ads.
Victims of these hacks wouldn’t immediately be aware what was going on, but their infected devices would be pushed to their limits – indeed, in December, computer-security firm Kaspersky released photos of an infected phone with a battery that had literally buckled, bulged and deformed after two days of intensive cryptomining.