What Is Cryptojacking? How to Protect Your Crypto Against the ‘Invisible’ Cyberattack
Cryptojacking works a little differently from other crypto scams , primarily because it can occur without the victim even knowing they’ve been attacked.
If this has sparked a little anxiety, don’t worry. There are a few clear signs that indicate a computer has been exposed, along with several safety methods for fending off malicious cryptojackers.
Sponsored
Before we learn how to stay protected, though, let’s first see how crypto jacking actually works and what the perpetrators’ end goal is.
Table of Contents
- What is Cryptojacking?
- The Origins of Cryptojacking
- What Is the Goal of Cryptojackers?
- How Does Cryptojacking Work in Practice?
- Drive-By Websites
- Malvertising
- Browser Extensions
- Phishing Emails
- Best Methods for Avoiding Cryptojack Scams
- Signs of a Cryptojack: Is Your Computer Infected?
- How Big of an Issue Is Cryptojacking?
- On the Flipside
- Why This Matters
- FAQs
What is Cryptojacking?
Cryptojacking is a cybercrime in which a malicious actor uses a person’s personal device to mine crypto tokens without the victim’s knowledge or consent.
Just to be clear, mining is the process of securing or verifying new blocks of transactions that enter a blockchain in exchange for rewards. Usually, cryptocurrency miners on the blockchain do the ‘work’ and are rewarded for doing so, but cryptojackers will try to use a person’s computer to achieve this without doing the honest work themselves.
You can think of it in a similar way to carjacking. The biggest difference is that, rather than physically stealing a person’s computer, cryptojackers will infiltrate a device by implanting it with a special cryptojacking script or code.
Once this code is in place, it will begin mining in the background, hidden from the victim’s site. The rewards will be delivered back to the hacker’s wallet .
The Origins of Cryptojacking
Believe it or not, there was once a time, in the early years of crypto, when certain web pages would ask visitors permission to mine coins on their behalf while they remained on the site.
This was essentially seen as a way for readers to ‘compensate’ the web publishers by allowing them to extract some tokens, but as soon as the visitor left the site, the mining would stop.
However, malicious scammers didn’t take long to notice this. Very soon, permission stopped being asked, and the mining continued long after the victim returned to their usual business.
Things only got worse when scammers began tinkering with the coding of mining websites. Coinhive is a notable example that, at one point, was the source of over two-thirds of all crypto jacking attack attempts.
This would result in an oncoming wave of cryptojacking crimes that, unfortunately, are still very prevalent today.
What Is the Goal of Cryptojackers?
Mining requires a hefty rig, plenty of computing power, a lot of CPU (central processing unit) usage, and a whole lot of electricity, making it a pretty expensive business.
As a result, the crypto that miners are rewarded often results in them making a small to average profit. Cryptojackers are people who don’t want to buy all of the pricey resources and would rather piggyback off someone else’s hard work to secure coins for themselves.
To put it simply, the endpoint is making as much profit as possible from one person before jumping to the next and repeating the same process as part of a malicious cycle.
How Does Cryptojacking Work in Practice?
Now that we’ve covered the basics of crypto jacking, let’s uncover how these fake miners implement a crypto jacking code onto a person’s private device.
Drive-By Websites
These websites aren’t malicious by intent but have been infected by JavaScript from a cryptojacker. Once the code is in place, anyone who clicks on the site can be automatically infected, meaning the victim’s computer will start mining without them knowing.
Sometimes, a website might ask a visitor to download a specific app to gain access, which can similarly be a ploy to insert the crypto mining script onto a computer.
It should also be noted that these sorts of attacks can also target mobile phones. Though they have much less processing power, being able to infect them en masse can create a formidable mining army for the scammer to use.
Either way, these ‘drive-by’ attacks, as they’ve come to be known, are a common technique used by cryptojackers. Rather than infecting a website, they sometimes aim for something a bit smaller and more obscure, like an advertisement.
Malvertising
Cryptojackers can insert their mining code into a fake advertisement on a completely harmless website. This is commonly known as Malware, in reference to the types of Malware being used.
Since the website itself isn’t sponsoring these ads, they tend to appear as pop-ups or in small and obscure windows.
Upon clicking on the ad, the malicious code will either infect the computer immediately or after the victim has agreed to download a specific app the advertisement directs them to.
Browser Extensions
Crypto mining code can even extend into browser-based extensions, especially those added to app stores since it’s much easier for scammers to upload them here rather than create an entire website.
When a person agrees to download one of these extensions, they will begin downloading the code necessary for the hacker to use their devices for mining purposes before soaking up the CPU’s energy once the mining is underway.
It can be very easy to fall into this trap because of how authentic the extensions can seem. For example, in 2019, it was revealed that two popular extensions for Google Chrome secretly contained mining coding, much to the surprise of thousands of users.
Google Chrome announced in April 2018 that it would be banning all extensions designed to mine cryptocurrency, making Chrome safer. However, some fraudulent extensions have still managed to slip through the cracks.
It’s still worth noting that no browser is entirely protected from this type of attack, so switching to a different one won’t guarantee that they will disappear.
Phishing Emails
Some hackers use a slightly different method to start their mining escapade: they contact the victim through a phishing email.
These emails often present as new opportunities or unexpected giveaways, prompting the recipient to click on a link or an attached file. Of course, doing so will begin the mining process, even if the link leads to a dead end.
As the New Jersey Cybersecurity and Communications Department noted, most of these emails will contain buzzwords like “Purchase” and “Sales” to grab readers’ attention. They may also include a “RE:” to trick the recipient into thinking they’d communicated with the scammer before.
Best Methods for Avoiding Cryptojack Scams
As we’ve just seen, cryptojackers can be pretty creative in their methods, but thankfully, investors can help protect themselves in a few ways.
- Use Anti-Malware Software: Anti-malware software can protect a computer against disruptions and attacks. Norton, McAfee, and Total AV are a few of the most popular anti-malware services available today.
- Update Web Browsers: Browser updates tend to also include security fixes that can bolster protection against cryptojackers. Additionally, some popular browsers offer extensions specifically made to shield against cryptojackers, including minerBLOCK, No Coin, and Anti Miner.
- Avoid Suspicious Emails: If a scammer is trying to infiltrate your computer via email, check for spelling mistakes, if the subject line seems suspicious, and whether the address is verifiable. All of these can be dead giveaways of a phishing email.
- Download Ad-Blockers: Malicious ads are one of the most common methods scammers will use to access a device, so keeping a reliable adblocker on deck can negate this kind of attack. AdBlock Plus, AdLock, and Ghostery are some popular examples.
- Protect Public Servers: If you host public servers, cryptojackers can target them as an easy infiltration method. Regular patching, switching off unused services, or even closing down the server altogether if you’re not using it actively are ways to protect against an unexpected attack.
- Block Cryptojacking Sites: Some web browsers allow users to block a website or even create a list of sites they want to avoid. Do a little research beforehand, and if you find that people online are highlighting specific sites, then it can be best to block them so that you don’t accidentally fall for their trap.
Signs of a Cryptojack: Is Your Computer Infected?
Though cryptojackers will aim to conduct their mining operations without the victim’s knowledge, there are still some telltale signs that a device might be corrupted.
- Slow Performance and Lag: Mining crypto heavily affects a computer’s resources, especially the GPU and CPU. Suppose the device seems slower than usual, especially for basic activities like checking email. In that case, it’s worth heading over to the activity center to see whether the computer is under heavy stress and whether it’s due to a mining code running in the background.
- Browser Not Turning Off: Cryptojackers can create their own browser window to facilitate mining, even if the main browser has been closed. If you fully close down the browser but notice that it isn’t disappearing from the toolbar and is also using up a lot of energy in the activity monitor/task manager, then it could point to a cryptojacker.
- Warm Device: If you approach a device and notice it’s already warm, it indicates someone has been using it without your consent. In serious cases, this can lead to a computer overheating, especially if it’s only built for work or gaming, rather than mining.
- High Cloud and Electricity Bills: If a cryptojacker gets a hold of a person’s cloud credentials, they can use these resources to assist in mining. As we already know, mining can ramp up electricity costs, so to be safe, it’s worth double-checking whether the bills for the two seem a little higher than they should be.
If you suspect your device has been exposed, you may be able to uninstall or delete the code or program if you find it in time. You can also order an antivirus tool to issue a full computer scan to ensure all protection shields are up and running.
How Big of an Issue Is Cryptojacking?
The crypto industry has seen its fair share of scams, cyberattacks, and hacks over the years, but how prominent is crypto jacking in the end?
Unfortunately, the statistics indicate that it’s one of the most popular methods used by fraudulent hackers in the entire industry.
According to Statista , there were 57 million crypto jacking attempts in 2018, and the number rose to almost 140 million by 2022, a 43% increase from 2021.
SonicWall’s 2024 Cyber Threat Report similarly indicated that the number of cryptojacks in 2024 had risen by a staggering 650% since 2023.
Though the issue doesn’t seem to be dying down, thankfully, crypto community members are always finding new ways and taking active measures to help protect against these cyber criminals.
One example is the shutdown of Coinhive. Its JavaScript code was regularly manipulated by cryptojackers, but when it shut down in 2019, site infections dropped drastically, proving that pushing back against these immoral scammers is possible.
To be on the safe side, though, deploying the safety measures we’ve already covered, especially paying close attention to your computer and its resource usage, can minimize the threat by a sizable amount.
On the Flipside
- While cryptojacking remains a prevalent issue, pump-and-dump schemes are arguably the most prevalent scam in the world of digital currency right now.
- This method of artificially inflating the price of an asset can dupe hundreds or even thousands of crypto users at once, and therefore, an issue that every investor needs to be aware of.
Why This Matters
While most scams can be detected at a moment’s notice, crypto jacks can linger on a computer for a very long time and can, therefore, extract massive sums of tokens at the victim’s expense.
Therefore, it’s very important to be aware of how crypto jacking works so that you can stay protected and know how to check your device for any suspicious behavior.
FAQs
Because Ethereum (ETH) moved to the Proof-of-Stake algorithm in 2022, it doesn’t include mining like the Bitcoin (BTC) blockchain.
Yes, cryptojackers can infiltrate mobile devices using the same methods that they use for desktops. However, hackers tend to prioritize the latter because these devices lack the same power as computers or laptops.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
A whale once again increased its holdings by 75.8 BTC, equivalent to about 6.94 million US dollars
100 Bitcoins were transferred out of MtGox-related wallet addresses, worth about $9.1 million
TON falls below $5.5