‘I will gladly cryptojack you for a hamburger’
Recent high-profile cryptojacking incidents have shown how those with criminal intent could go a long way to target all manner of systems.
I read a lot of comics when I was a kid, and I have no problem admitting that this habit continues to this very day.
One comic that I was particularly fond of was the stalwart, spinach-infused Popeye. In the comic there was one character, Wimpy, who seemed to be obsessed with chowing down on any hamburgers he could get his hands on.
He would constantly opine: “I’ll gladly pay you Tuesday for a hamburger today.” Oddly, he never seemed to settle his debts.
These days I cannot help but draw a parallel between Wimpy and the latest craze to be sweeping idle computer cycles. That being, cryptojacking.
The idea is pretty simple: a script is injected into a web browser that proceeds to utilize idle computer cycles to mine digital currency. This can be both a legitimate endeavor or a nefarious one.
While this would carve out a minimal amount of time and resources from a home computer, it could be more significant if this affected, oh, I don’t know, a Tesla? (Well, its cloud at least.)
According to recent reports, criminal attackers had indeed successfully installed a crypto-miner into the automotive company’s cloud environment.
Tesla was able to address the issue in short order, but what if it had gone unnoticed? The attackers could have potentially gathered a great deal of bitcoin as a result.
This incident really illustrates how those with criminal intent could go a long way to target all manner of systems in order to mine for digital currency.
Taking into account that this is a fairly recent phenomenon, cryptojacking could potentially become a far more pervasive nuisance if attackers continue to target misconfigured cloud environments in order to further their reach.
So what? It could be little more than an irritant if it is on your laptop, such as a penance for having an ad blocker to access a news site.
However, when it is deployed at scale and the attackers are going after the exposed flank in your digital supply chain, there could potentially be a high dollar cost to you from your provider.
Look out for yourself in the short term. Be sure to be judicious with regards to the plugins that you install in your browser. And if a site complains that you have an ad blocker, question whether or not you really need to use that particular service, as they may not have your best interest in mind.