As a form of Cross-Site Scripting, we're well suited to help you detect and mitigate Cryptojacking attacks and lean heavily on our Threat Intelligence capabilities to do so. Whilst Cryptocurrencies have been around since 2009, it wasn't until 2018 that we started to see a surge in Cryptojacking attacks targeting the Web.
Money! Mining Cryptocurrency comes with the financial overheads of needing to purchase hardware to mine with, and, purchasing electricity to run that hardware, making it difficult to turn a profit. Attackers avoid both of these costs by forcing other people's devices to mine Cryptocurrency for them, meaning they can turn an easy profit.
Whilst attackers have started to expand their horizons and look beyond just infecting your webpages, by infecting your cloud environments too, Cryptojacking still remains a credible threat to contend with. Some arguments are made that beyond a few CPU cycles and some electricity cost for your visitors, the damage caused by a Cryptojacking attack is relatively minor, but we disagree.
Whilst Cryptojacking is not topping the charts as the most popular attack out there, it is still a form of Cross-Site Scripting and with almost no effort on behalf of the attacker, could be re-purposed into something far more dangerous like a Magecart infection.
The Tools and Features of our service will detect and mitigate XSS attacks, regardless of what objective your attackers may have. Below are some of our products that you may be interested in, or reach out to firstname.lastname@example.org if you'd like more information.
Because Script Watch leverages the browser native Content Security Policy, there is no code or agent to deploy and running in the browser means we analyse your site in real-time as your users are browsing. We don't have the same limitations as external scanning services such as authentication or pay walls, geo-sensitive content or an attacker potentially serving safe content to the crawler.
Data Watch will monitor all of the locations that your webpages are sending data to. If your website starts sending data to a new location, it could be the start of a Cryptojacking attack.
Script Watch and Data Watch will allow you to rapidly detect and respond to a Cryptojacking attack and combined, that capability puts you ahead of the field. If you want to take it a step further, Content Security Policy can mitigate a Cryptojacking attack and stop it from even happening.
We subscribe to various feeds of Threat Intelligence data, along with managing our own internally generated feeds, to keep apprised of the latest threats that exist online.