Although Indian regulatory bodies have maintained their distance from cryptocurrencies – this attitude has not deterred ‘cryptojackers’ from indirectly mining cryptocurrencies off of government websites. Per a report by The Economic Times, published on September 17, 2018, ‘cryptojacking’ continues to be a menace for the websites in the country.
Cryptojacking on a Climb
Hackers continue to mine cryptocurrencies taking advantage of innocent people who click on a malicious link sent to them through e-mail.
Clicking the link allows an easy influx of the corrupt crypto mining code into the user’s system. This malicious code then begins mining cryptocurrencies using the oblivious users’ computing power without their consent.
In a nutshell, cryptojacking implies using someone else’s computer without their knowledge to mine cryptocurrencies.
“Hackers target government websites for mining cryptocurrency because those websites get high traffic, and most people trust them,” said security researcher Indrajeet Bhuyan. “Earlier, we saw a lot of government websites getting defaced (hacked). Now, injecting crypto jackers is more fashionable as the hacker can make money.”
According to a report by Fortinet, the cryptojacking malware has witnessed a steep rise in recent times. While the corrupt code impacted 13 percent of all the organizations in Q4 of 2017, Q1 of 2018 saw the malware impact 28 percent of all the companies, more than doubling its footprint.
It is worth pointing out that this is not the first instance that hackers have resorted to cryptojacking to mine cryptocurrencies.
BTCManager reported on May 14, 2018, that Aditya Birla Group, one of India’s largest conglomerate was attacked by hackers to secretly mine Monero (XMR).
Cryptojacking Infests India
The appeal of cryptojacking lies in its invisibility compared to other methods of hacking, say ransomware.
Rajesh Maurya, regional vice-president, India and Saarc, Fortinet said,
“Cryptojackers who manage to develop and maintain a network of hijacked computer systems are able to generate revenue with a fraction of the effort and attention caused by ransomware.”
As they attract colossal traffic from users, government websites prove to be a useful target for the hackers.
According to some experts, the estimated revenue generated through cryptojacking depends on a number of factors, including the time spent by users on the infected website and the number of systems compromised.
There is a direct relationship between the amount of time spent on the website and the CPU cycles that can be borrowed from the user’s system to mine digital currencies.
This means that longer the time spent by users on the impacted website, better it is for the hackers.
In June 2018, BTCManager reported how a report by the security firm McAfee concluded that cryptojacking incidents have shot up by a staggering 629 percent in 2018, thanks to the low barrier to entry for hackers, which can generate money without too much investment.