Is your computer slowing down? It might be making someone else rich

Fortinet, the global player in high-performance cybersecurity solutions, has issued an advisory to users to check their computers if they feel that the devices are acutely slowing down. They could unwittingly be donating computing power to cybercriminals who are "browser cryptojacking".

Fortinet’s FortiGuard Labs researchers have been discovering more and more of such incidents, which are essentially a new trick used to stealthily mine Monero cryptocurrency using stolen CPU resources, the company said. This is done by loading a rogue script into the web browser. The script contains a unique site key that works to enrich cybercriminals with Monero currency every time they visit certain websites.

Browser cryptojacking was discovered last September when a new technology to mine Monero cryptocurrency within web browsers surfaced. The script was written in JavaScript and is easily embedded into any web page. Once a computer user visits compromised pages, their computing power is hijacked for mining the currency*. The more time users spend on such web pages, the more CPU cycles can be consumed. Hackers typically pick illicit video streaming web sites, where people stay for hours watching movies or TV serials, to plant such scripts.

Back-of-the-envelope calculations by security researchers show that cryptojacking can be lucrative − hackers targeting popular illicit sites like The Pirate Bay can earn up to US$12,000 per month.

Fortinet advises that if users hear computer fans running at full speed without any apparent reason, they can check their CPU usage and terminate the offending process or software to stop the mining immediately. Anti-adware web browser extensions, as well as web filtering and antivirus tools should be installed and kept updated. Fortinet also advises users to refrain from visiting illicit sites.

“When using computing devices, it pays to always be situationally aware and look out for anomalous things, be it your fan speeding up or an email offering something too good to be true,” said David Maciejak, Director of Security Research, Fortinet. “Cyberspace is a perilous place full of schemers trying to take advantage of the gullible. Deploying the right security tools to protect yourself will help, but being cautious and thinking twice before taking any action will also go a long way in preserving your money, confidential data and computing experience.”

*This refers to making complex mathematical calculations that satisfy certain rules to successfully "discover" a unit of cryptocurrency. Each computer that helps to make the calculations is assigned a unique serial number and is entitled to a share of that unit. Many attempts have to be made to mine cryptocurrency successfully, ensuring its scarcity.