As cryptocurrencies are becoming more and more accepted in Japan, cybersecurity threats in the form of ‘cryptojacking’ are also rapidly increasing in numbers. With over 130,000 incidents from January 2017 to March 2018, these cases have increased more than 170 times.
Japan is quickly turning into a hub for crypto developments, with corporate giants such as Yahoo! Japan and Monex Group already getting into the fray. Nevertheless, this growth in popularity also comes with an increase in a form of hacking known as ‘cryptojacking’.
The Threat of Cryptojacking
Cryptojacking has been around for some time, but the last months of 2017 when the crypto-craze flooded the market seemed to have accelerated its growth. At a global scale, statistics point to an 8,500% increase during 2017, but it appears that Japan itself is rapidly taking the lead with over 175 times more recorded cases at the end of 2017 compared to the January-March period of the same year.
While stealing processing power from PCs has been the norm, cybercriminals now are also targeting smartphones. There are two situations in which your device’s computational power can get hijacked.
The first case involved being infected by a malicious software through emails or other manners online. This malware would then leech off your device’s processing power to get the cryptocurrency mining done.
The second scenario uses a popular mining script called Coinhive. It appeared back in September 2017 and cryptojacking cases have grown out of control since then, says Katsuyuki Okamoto, security evangelist at Trend Macro.
When you visit an infected website, your browser loads the Coinhive script automatically, letting it tap into your device’s processing resources and start mining Monero.
Monero- The Crypto Preferred by Hackers
As previously mentioned, Coinhive’s script is programmed to mine Monero coins. The explanations for this is given by Hideki Inomata, IBM Japan’s Security Operations Center chief analyst:
“Unlike other cryptocurrencies, Monero is easier to mine, even with relatively low-performance terminals. […] This gives hackers an incentive to target the typical computer or smartphone user, rather than more sophisticated and heavily guarded systems.”
Even though some anti-virus programs might find such mining scripts and block them out, it becomes even more difficult to handle the issue once the device already becomes infected. Hackers are particularly ingenious in finding new ways to bypass all sorts of intercepting methods, as Toshia Nawa, senior security analyst at the Cyber Defense Institute of Tokyo suggests:
“Certain types of malware are sophisticated enough to mine digital coins only while users are not typing, so users are often unaware that their computers are infected.”
Protection is Vital
Scripts for fraudulent coin mining don’t necessarily constitute an impending risk to the personal data which is on the infected device. Still, taking precautionary actions is vital, according to Hiroaki Takiguchi of Symantec, who cautions that “a program that was designed for coin mining could be turned into something else by criminals.”
The short story is that you should be aware of how your device’s performance. If you notice that your phone suddenly starts working slowly, it could indicate that you have been cryptojacked to mine Monero or some other cryptocurrency.