Malicious software that affects the crypto community is becoming increasingly commonplace as hackers find new ways to obtain cryptocurrencies dishonestly. The software is also becoming more advanced and active. Skybox Security summed up the results of the first half of the year and concluded that cryptojacking is rapidly gaining popularity and has overtaken ransomware in its threat rating. We decided to look at these types of malware in detail and find out how they may affect us.
Cryptojacking is hidden cryptocurrency mining on other people's computers without the consent of their owners. Cryptojacking software is not classic malware, as it does not harm the hardware or software of a device. But during shadow mining, the scripts use a large share of the available processing resources. They heavily load the processor and memory, which slows the computer down, increases power consumption and heats up the components.
Usually, mining on websites is used as an alternative to advertising banners and ads. The script uses one or two cores of the computer for mining, and in this case the slowdown of the PC is barely noticeable. There are even advantages in this situation: the user gets rid of annoying advertising and the website owner earns money. Unfortunately, there are also cases of abuse of this technology.
It should be noted that cryptojacking is usually used to mine Monero. To avoid becoming a victim of software that slows down your device, you need to find the source of the threat and eliminate it.
_How to detect cryptojacking:_
- If the computer begins to slow down drastically, open the task manager and check what is loading the processor cores. If only the browser is open, the average CPU load should not exceed 10-25%, spread evenly across all cores.
- If you see that the load on the cores is much higher, this could be a bad sign.
- If a mining script is already running, close the applications that may be involved in it.
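
On Linux, the per-core check from the list above can be scripted from the counters in `/proc/stat` instead of a task manager graph. This is an added example, not code from the original article; the two snapshots are constructed sample data, and using 25% as the alert level is an assumption taken from the article's rule of thumb.

```python
# Added example (not from the article): per-core CPU load on Linux from two
# /proc/stat snapshots, checked against the article's 10-25% rule of thumb.
THRESHOLD = 25.0  # percent; assumption: the article's upper bound as alert level

# Constructed sample snapshots taken some seconds apart (not real measurements).
SNAP_1 = """cpu  4200 0 1650 32200 350 0 0 0 0 0
cpu0 1000 0 500 8000 100 0 0 0 0 0
cpu1 1200 0 400 7900 100 0 0 0 0 0
cpu2 900 0 300 8300 100 0 0 0 0 0
cpu3 1100 0 450 8000 50 0 0 0 0 0"""
SNAP_2 = """cpu  6200 0 1850 33990 360 0 0 0 0 0
cpu0 1900 0 550 8050 100 0 0 0 0 0
cpu1 2050 0 450 8000 100 0 0 0 0 0
cpu2 1000 0 350 9150 100 0 0 0 0 0
cpu3 1250 0 500 8790 60 0 0 0 0 0"""

def parse_proc_stat(text):
    """Return {core: (busy_ticks, total_ticks)} for each per-core line."""
    cores = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip the aggregate "cpu" line and non-CPU lines (intr, ctxt, ...).
        if not fields or not fields[0].startswith("cpu") or fields[0] == "cpu":
            continue
        # user nice system idle iowait irq softirq steal (guest is inside user)
        ticks = [int(v) for v in fields[1:9]]
        idle = ticks[3] + ticks[4]  # idle + iowait count as not busy
        total = sum(ticks)
        cores[fields[0]] = (total - idle, total)
    return cores

def core_load(before, after):
    """Percent of time each core was busy between the two snapshots."""
    first, second = parse_proc_stat(before), parse_proc_stat(after)
    load = {}
    for core, (busy1, total1) in second.items():
        busy0, total0 = first.get(core, (0, 0))
        elapsed = total1 - total0
        load[core] = round(100.0 * (busy1 - busy0) / elapsed, 1) if elapsed > 0 else 0.0
    return load

def suspicious_cores(load, threshold=THRESHOLD):
    """Cores whose load exceeds the threshold, sorted by name."""
    return sorted(core for core, pct in load.items() if pct > threshold)

if __name__ == "__main__":
    load = core_load(SNAP_1, SNAP_2)
    print(load, "-> above threshold:", suspicious_cores(load))
```

On a live system, read `/proc/stat` twice a few seconds apart with only the browser open and pass both reads to `core_load`. One or two cores pinned far above the rest matches the pattern described earlier for mining scripts.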
Keep in mind that cryptojacking is possible not only on computers but also on smartphones. If the device has slowed down and discharges faster, go to the settings tab responsible for monitoring the energy consumption of applications. If some program consumes a lot, it may be a hidden miner.
_Simple rules that will help you deal with cryptojacking:_
- Do not visit questionable websites.
- Do not install extensions with an unverified reputation.
- Install an antivirus (and do not skimp on it).
- Install extensions that block browser mining.
Ransomware is a type of malicious program that encrypts important files and asks for money to decrypt them. The extortion program blocks or restricts users' access to their system. This can be done by locking the screen or user files until the ransom is paid.
Ransomware is distributed in many ways. Email spam with malicious attachments is the most effective method. Cybercriminals also use other methods of distribution, such as infected software, hacked websites, exploits, malicious scripts, targeted attacks, RDP attacks, server hijacking and others.
The most famous case of such a malicious program is the WannaCry epidemic; the virus is also known as WannaCrypt, WannaCry Decryptor, WCry and WCrypt. In just one day, the virus struck more than 200 thousand computers. The largest number of attacks was recorded in Russia.
WannaCry is a Trojan that encrypts files on infected computers and blocks access to data. To regain the ability to open their files, users had to send $300-600 in bitcoins to the wallet of the intruders behind WannaCry. Of course, there are no guarantees that the files will be decrypted and unblocked after payment.
Attackers also use altcoins. For example, the Kirk virus, which encrypts about 625 types of files using RSA-4096, requires payment in the Monero cryptocurrency.
This type of virus was first recorded long before cryptocurrencies appeared; it is just that now it is much easier to obtain payments through them. In 1989, the malicious program AIDS Trojan spread on floppy disks during a medical conference. The virus encrypted all files on the computer's C drive and demanded that $189 be sent to a mailbox in Panama.
There are no universal means of combating such programs.
_An integrated approach that prevents their penetration into the network and the system is the best way:_
- Avoid unverified email messages and do not click on links embedded in them. If the letter came from an unknown sender, refrain from opening it altogether.
- Make regular backups of important files. The presence of a backup will minimize the damage.
- Do not forget to regularly update the software, system and applications.
By Ekaterina Ulyanova