Cryptojacking is becoming a real menace

Cryptojacking — the malicious practice of hijacking one's computer resources to mine cryptocurrencies — has taken off in a big way near the end of last year.

According to a report by Symantec, published on Wednesday, cryptojacking has surged by 8,500% last year, especially since September — which is roughly the time when the price of Bitcoin and Ethereum really hit the stratosphere.

Besides being lucrative, cryptojacking is generally simpler to do than installing malware on someone's computer, and it often goes unnoticed by the victim.

"Cybercriminals use coin miners to steal victims’ computer processing power and cloud CPU usage to mine cryptocurrencies," the report says. "The barrier to entry for coin mining is pretty low—potentially only requiring a couple of lines of code to operate—and coin mining can allow criminals to fly under the radar in a way that is not possible with other types of cybercrime."

While not necessarily as destructive as malware, cryptojacking is far from victimless. It can cause computers to overheat and create damage that way. In organizations, it can cause all sorts of problems, including incurring significant financial costs if the organization is billed based on its CPU usage, the report says.

We've seen cryptojacking pop up everywhere last year, from web sites to Chrome extensions to apps in Apple's Mac App Store. Symantec says it discovered 1.7 million coin miners on computers in December, which should give you an idea of how widespread the practice is.

On the other hand, ransomware — a type of malware often tied to cryptocurrencies — has decreased in 2017, both in terms of new ransomware families being detected and ransom demands being lower. Ransomware, which typically encrypts a person's data and asks for a cryptocurrency payment to unlock it, asked for $522 on average, less than half than it did in 2016. However, as was seen in the example of NotPetya — the highly destructive malware that affected banks and other crucial infrastructure in 2017 — ransomware is often used as a decoy or a tool of disruption instead of actual profit.