So is this a bad thing? If website developers decide to use this method of monetization instead of advertising, wouldn’t the web be a better place? Almost certainly not. These crypto mining services often work without your knowledge, utilizing huge amounts of CPU and draining your device’s battery in the process. On one website, on one device – perhaps it’s not a problem; but every website? Across every device? That’s a sysadmin nightmare. To make matters worse we’ve only discussed web developers that actively choose to implement crypto mining software on their websites. There has been a whole spate of high profile Cryptojacking incidents recently where code has been maliciously injected unknowingly – even Cristiano Ronaldo hasn’t escaped!
This current trend hasn’t gone unnoticed here at Smoothwall HQ, and our in-house team have been working hard to ensure that these crypto mining services are appropriately categorised as Malware. However, whilst simple domain and URL filtering will always remain an important tool, it doesn’t help to protect users from new unidentified threats – and that’s where our dynamic content filtering really shines.
The Smoothwall blog is awash with articles that tell you how important HTTPS interception and content filtering is, and this one will be no different. This new threat doesn’t look like it will be going away anytime soon, but if you employ a HTTPS decrypt and inspect policy and ensure that the Smoothwall provided ‘Malware and Phishing’ and ‘Adverts’ category are blocked, you can rest assured that your network and your users are safe.
Have you been affected by Cryptojacking? Let us know by leaving your comments below.
Real-time, content aware web filtering technologies combined with next generation firewall give you The Web You Want. Developed in the UK.
1 Savannah Way
Leeds Valley Park