Crypto-Jacking doesn't live here anymore - Isolation as a new Crypto Blocker solution

Nine years after the Bitcoin code was first released, cryptocurrencies are more popular than ever. Despite the wild fluctuations in their prices, more people than ever are entering the markets and participating in the cryptocurrency revolution. And since a lot of money is involved, hackers aiming to get rich at others’ expense are flocking to the cryptocurrency domain as well.

Cryptocurrencies are generally regarded as reliable currencies, despite the lack of a central issuing authority. Blockchain technology is used to create cryptocurrency via crypto ‘mining’ and ensures that every transaction is verified and recorded in a public, distributed ledger that is impossible to edit after the transaction has occurred. While the mining process to harvest those cryptocurrencies is 100% secure, the safety and ‘well-being’ of other related computing resources is not. The reason for this is called crypto-jacking.

To patch together sufficient computing power to effectively mine new currency, hackers have taken to crypto-jacking – hijacking computing power from numerous computers, unknown to their owners, to mine cryptocurrencies. The in-browser form of crypto-jacking leverages malicious JavaScript that is placed on web pages. When a user opens a site in a browser, the scripts start working immediately, without the user downloading or clicking on anything. Given that virtually all standard webpages use JavaScript and include thousands of lines of code, the malicious code can be easily concealed.

Crypto-jacking degrades the user experience, since computing resources are diverted to the hidden mining process, and it increases energy consumption. Most importantly though, it demonstrates how hackers have found a way to cash in at others’ expense.

Browser plug-ins, which filter sites suspected of being compromised, partially protect endpoints from in-browser crypto-jacking. A better solution, however, which protects against known and unknown compromised sites, is to protect the organization's devices using the power of isolation.

Remote browser isolation (RBI) leverages virtual browsers that reside away from the endpoint, in disposable containers located in the DMZ or cloud. The virtual browsers are optimized to provide a smooth browsing experience and have sufficient computing power to do so, yet lack the extra resources required to make them attractive crypto-jacking targets.

Moreover, to prevent malware persistence, the disposable container running the remote browser is designed to terminate after a brief idle time. As a result, these remote browsing sessions are too short for an effective crypto-jacking session.
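The two controls described above, a capped CPU budget per virtual browser and teardown after a brief idle time, can be sketched as a session-sweep policy. This is an added illustration, not code from any RBI product; the timeout, the quota, the "flag" outcome and every name in it are assumptions, and the session data is constructed.

```python
from dataclasses import dataclass

# All values below are assumptions for illustration; the article gives no numbers.
IDLE_TIMEOUT_S = 300    # "brief idle time" before the container is destroyed
CPU_QUOTA = 0.5         # CPU cap per container, as a fraction of one core
PEGGED_SAMPLES = 6      # consecutive samples at the cap that count as sustained

@dataclass
class Session:
    container_id: str
    last_user_input: float   # epoch seconds of the last keyboard/mouse event
    cpu_samples: list        # recent CPU use (fraction of a core), oldest first

def cpu_pegged(s: Session) -> bool:
    """True when the most recent samples all sit at (>= 95% of) the quota."""
    recent = s.cpu_samples[-PEGGED_SAMPLES:]
    return len(recent) == PEGGED_SAMPLES and all(x >= 0.95 * CPU_QUOTA for x in recent)

def decide(s: Session, now: float) -> str:
    # Idle is measured from user input, never from CPU or network activity:
    # a mining script keeps the container busy, so an activity-based timer
    # would never fire for exactly the sessions that should be torn down.
    if now - s.last_user_input >= IDLE_TIMEOUT_S:
        return "terminate"
    if cpu_pegged(s):
        return "flag"        # user present, but the page saturates its quota
    return "keep"

def sweep(sessions, now: float) -> dict:
    return {s.container_id: decide(s, now) for s in sessions}

def max_unattended_cpu_seconds() -> float:
    """Upper bound on CPU time a script gets after the user walks away."""
    return CPU_QUOTA * IDLE_TIMEOUT_S

# Constructed sample data, not taken from any real deployment.
NOW = 1_000_000.0
SAMPLE = [
    Session("rbi-a", NOW - 20, [0.05, 0.10, 0.04, 0.06, 0.05, 0.07]),   # normal browsing
    Session("rbi-b", NOW - 400, [0.50] * 6),   # abandoned tab, CPU still busy
    Session("rbi-c", NOW - 10, [0.49] * 6),    # active user, CPU pinned at cap
    Session("rbi-d", NOW - 10, [0.05, 0.05, 0.05, 0.50, 0.50, 0.50]),   # short burst
]

if __name__ == "__main__":
    print(sweep(SAMPLE, NOW), max_unattended_cpu_seconds())
```

With these assumed values, a script left running in an abandoned tab gets at most 150 CPU-seconds of a throttled core before the container is destroyed.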

Isolation has proven effective in neutralizing browser-borne threats.
