What Is Cryptojacking?

Computers are frequently targeted by hackers. Most try to exploit a weakness in the operating system or in the person operating it for their own gain, usually financial.

Cryptojacking is a form of computer hacking that allows the hacker to secretly use another person’s computer to mine, or create, cryptocurrency. This was a major problem five years ago but appears to be surging again as cryptocurrency is becoming more mainstream and in demand.

Cryptocurrency, familiar to some due to the popularity of one currency called Bitcoin, is comprised of many different “coins” or tokens that exist only in computer code. Cryptocurrency is not a physical object like dollars or Euros. These coins are created by computer code and stored on something called a blockchain that tracks exchanges. There are also other types of "wallets" and crypto bank solutions that hold these coins.

Due to cryptocurrencies being decentralized (not controlled by a single financial institution with a physical address) governments are struggling with strategies to collect taxes on payments (income) received via crypto as well as to fight against ransomware attacks that demand payment in cryptocurrency and are therefore untraceable.

Those who mine, or create, cryptocurrencies are paid in the token, or currency, they create. Most cryptocurrencies are limited to a finite number, such as Bitcoin’s 21 million (eventual) tokens.

what is cyptojacking

How Does Cryptojacking Work?

Cryptojacking uses many of the same tactics that other forms of computer hacking use, such as:

  • phishing – sending an email or SMS (called smishing) that appears to be from an official source and which demands immediate action of some sort, whether it’s “verify your PIN” or messages from friends that say “I think you’re in this video” or clicking a link to reroute an undeliverable package – interacting with these emails sends malware into your computer system that can then turn your computer into a robot doing cryptomining for the hacker;
  • malware embedded in ads and websites – beware of clickbait on popular websites that can be loaded with malware that launches cryptomining bots in your operating system – such malware can be embedded in any website but experts say that gambling, porn, gaming, and streaming sites have the highest rate of these malicious actors that can be used for anything from ransomware to cryptojacking.
  • viruses spread through contact lists – while this is old-fashioned it still works – your cell phone can be hacked if you click on a link from a trusted source, perhaps a friend with a message that they have a photo of you – it may launch cryptojacking as well as sending a similar message to your friends by hijacking your contacts list, potentially creating cryptomining bots out of your friends’ computers as well.
  • cloud cryptojacking – this is a more technically challenging form of computer takeover that involves breaking into a network of computers via files that are embedded in cloud computing.
  • browser-based cryptojacking – employs flaws in common browser platforms, whether Firefox, Chrome, or Explorer, to insert malware into users’ systems.

By gaining access to a person’s computer, a hacker can inject or download malware into their operating system and control their computers, secretly using them to produce code for cryptocurrency.

How to Detect Cryptojacking

The most common telltale sign of cryptojacking is an inexplicable increase in computer usage realized through high electric bills, slow performance of the machine, or off-the-charts network activity. While business users generally have software that monitors for potential hijacks, individual users must rely on:

  • a spike in one’s energy bill that indicates unknown actors using electricity around the clock;
  • a steep decline in computer performance;
  • disruptions of normal computer functioning, or
  • overheating devices.

Famous Cases of Cryptojacking

Large networks of computers that are harnessed by cryptominers may churn out code much faster than individual computers, allowing the person behind the hack to make money (tokens) faster and with less effort. Some notable cryptojacking schemes include:

  • The philanthropic organization Make A Wish had its content management system infiltrated by cryptojackers who compromised a flaw in its code to set up a major cryptomining scheme in 2017.
  • In 2018 the electric vehicle manufacturer Tesla discovered that its Amazon Cloud software had been compromised by hackers mining a digital currency called Monero.
  • Government agencies in the U.S., Canada, and at least one other country were victims of cryptojacking when hackers exploited a flaw in text-to-speech software to make cryptominers out of visitors to official websites.
  • Coinhive was a browser-based cryptomining software that websites could use to monitize visitor traffic. Unfortunately hackers quickly learned to exploit flaws in Coinhive that allowed them access to visitors’ computers long after they’d moved on. The software was shut down in 2019 to end the potential cryptojacking.

Protection Against Cryptojacking

Network managers have a particular interest in detecting and preventing cryptomining on corporate- or institution-level routers or machines due to the potential for overheating and slow performance. IT professionals are constantly on guard for cryptomining with and are likely to use specially-designed programs that monitor just for that.

Individuals may use the following steps to check for cryptojacking in their personal computers:

  • note poor performance of any device that has its operating system and virus protection updated frequently
  • run in-depth scans that examine the hard drive for unusual use or unintended downloads of potential malware
  • don’t overlook any connected gadget like gaming systems or Internet of Things item that may also be infected and contributing surreptitiously to cryptomining; for businesses and individuals alike, seeking custom IoT consulting services can be a proactive approach to strengthen their cybersecurity measures
  • check the task manager and other systems reports when the computer is on to detect any unfamiliar activity on the machine.