By Gil Vidals, , HIPAA Blog, Resources

Cryptocurrency underwent somewhat of a boom in 2017; everyone wanted in on what seemed like easy money. Buzzwords like “blockchain” began flying around as quickly as the boom happened, then seemed to die back down.

This overwhelming influx of public interest, while beneficial in introducing the general public to something innovative, also brought in more sinister players.

It seems like every week now there’s another headline about crypto, and they’re typically not positive. One of the major side-effects of this torrent of new players in the cryptocurrency game has been cryptojacking, or the unauthorized use of your computer to mine cryptocurrency.

So, how does this all happen?

Let’s start by explaining in very general terms what cryptocoin mining is. Cryptocurrency is controlled by a central “bank”; in basic terms, your computer solves a complex algorithm that is used to verify transactions. In exchange, you’re given a small amount of cryptocurrency as payment.

Details vary between the different types of cryptocurrency, but the core concept remains the same. The complexity of the algorithm being solved is intentionally resource-intensive, as this guarantees the value of the said currency.

Now, the act of mining itself isn’t illegal; if companies want to use their funds to purchase computers to mine for cryptocoin, that’s perfectly within their rights to do so.

Cryptojacking, however, crosses that line. In essence, a website will run a program in the background, unbeknownst to the victim, in order to use the computing power of your personal computer to mine for crypto. So you are unknowingly mining money for someone else.

And while you might think this is something relegated to some shady NSFW or torrenting site based in Eastern Europe, victims of cryptojacking include some very familiar names like Showtime and Politifact and even more recently – YouTube.

Earlier this year, it came out that some YouTube sidebar advertisements contained JavaScript which mined the cryptocoin Monero, while users watched videos. Even the monolithic Starbucks found itself on the wrong side of headlines as customers on their free WIFI noticed their device connections being delayed in order to mine crypto.

So how do you stop these bad actors from accessing your system? There are currently several extensions for most major browsers that prevent miners from utilizing your computer system without your permission.

NoCoin and minerBlock on Google Chrome and NoScript on Mozilla FireFox are some of the more popular options. Additionally, blocking the URL https://coin-hive.com/lib/coinhive.min.js using something like AdBlock can prevent would-be miners from using your computer.

At present, we’ve only touched the tip of the iceberg on this phenomenon known as cryptojacking. We’ve seen the first of potentially many future spikes in cryptocurrency, and with it the growing importance of protecting your resources.

Avatar photo

Gil Vidals is the president and CTO of HIPAA Vault. He is a passionate, subject matter expert on HIPAA compliance and the healthcare cloud, and co-host of the HIPAA Vault podcast. Since 1997, Gil’s mission has been to provide uncompromising and affordable HIPAA compliant hosting solutions to commercial and government clients, helping protect their sensitive health information from data breaches and security vulnerabilities. HIPAA Vault has been recognized as an Inc. 5000 company and a Clutch Top B2B company. He can be reached here on Linkedin.