Cryptocurrencies, such as Bitcoin, can be legitimately bought and sold, but you may not know that they can also be ‘mined’ using computer hardware power. And this has birthed a new strain of malware, cryptojackers.
A cryptojacker doesn’t steal your data or raid your bank accounts, but rather hijacks your PC to make crypto-cash for the cybercriminals. And we’ve found it has a massive effect on its speed, battery life and energy use.
Don’t panic, though, as you can easily protect yourself by installing a Best Buy antivirus software program. Read on for more.
Security software – see the best free and paid antivirus packages for PC and Mac users
What is cryptomining?
Cryptomining involves using specialist software to solve complex mathematical problems. By processing blocks of cryptocurrency transactions, miners earn currency in return. The more hardware power you have, the more you can mine.
Cybercriminals have started supercharging their mining operations by targeting ordinary home computers. Enslave enough PCs with malware and you can harness their collective power for mining. And it can very profitable – at time of publication a mined block earned 12.5 Bitcoin, or roughly £77,500.
Symantec, maker of Norton antivirus software, said in a recent report that it had seen an 8,500% increase in cryptomining malware on devices in 2017.
What is cryptocurrency?
Cryptocurrency is a type of digital currency. You might have heard of Bitcoin, but there are others, such as Ethereum and Monero.
You buy a unit or fraction of a unit of the currency, called a ‘coin’, and store it in a digital ‘wallet’. You can then sell the currency via an online exchange.
Rather than traditional banks, account balances and payments are controlled by a network of computers running a database.
A cryptojacker simply adds your device to this database for mining. But in the process it makes it substantially slower, considerably less energy efficient and it drains your battery – all to make money for cybercriminals.
Read our guide to Bitcoin and cryptocurrencies to find out more.
What happens if your PC is infected?
If you click on a dodgy link or rogue message, your PC could be infected with cryptojacking malware. It won’t steal your data or try to access your financial information, so should you really care?
We infected a consumer laptop of an average specification (Intel Core i3, 4GB of RAM, Windows 10) with real samples of cryptojacking malware, and saw what it did.
The malicious software immediately began mining for Monero, one of the hardest cryptocurrencies to trace. It communicated with a server at an IP address located in China while doing so, but we were unable to identify the perpetrators.
Cryptojacker impact on performance, power and battery life
As you can see, the cryptomining malware had a devastating effect on our test computer’s performance. It took 8% longer to download apps on the infected machine, launching popular websites was 12% slower and it took 28% longer to launch standard software apps, such as Microsoft Word. For CPU-intensive tasks, such as zipping and unzipping files, it was nearly 70% slower on the infected PC.
In addition, energy use was increased by a staggering 106% by the power-hungry cryptominer.
Plus, the malware almost halved the PC’s battery life, down from 4 hours 40 minutes on a clean system to just two hours 27 minutes on an infected PC.
So what if you check Windows Task Manager to see why your computer is running so slowly? The sneaky malware has been written to stop working and hide itself as soon as this application is open.
You can read our full report in the latest issue of Which? Computing.
How can I protect myself from cryptojackers?
Cryptojacking is still a relatively rare form of malware and it’s easy to protect yourself by simply installing an up-to-date antivirus package.
The security software will see a cryptojacker just like any other malware, and block it from running on your computer
We have reviews of both free and paid packages that qualify as Best Buys, and software for both PC and Mac users (Apple computers are more resilient to malware, but not immune – read our guide to the best antivirus software for Macs).
Are mobile devices vulnerable to cryptojackers?
Alongside PCs, cryptomining malware also targets Google Android, the mobile operating system running on 2 billion devices worldwide.
We infected an Android smartphone with mining malware and saw the same devastating effect on battery life.
On an infected Android mobile device, we found that it drained the battery 104% faster compared to a phone in an idle state.
Many Android infections come via dodgy apps in the Google Play store. Google now screens apps on download, but it’s always worth being careful over what you install.
For more advice, read our guide to keeping your mobile device secure.