Cryptojacking works a little differently from other crypto scams, primarily because it can occur without the victim even knowing they’ve been attacked.
If this has sparked a little anxiety, don’t worry. There are a few clear signs that indicate a computer has been exposed, along with several safety methods for fending off malicious cryptojackers.
Before we learn how to stay protected, though, let’s first see how cryptojacking actually works and what the perpetrators’ end goal is.
What is Cryptojacking?
Cryptojacking is a cybercrime in which a malicious actor uses a person’s personal device to mine crypto tokens without the victim’s knowledge or consent.
Just to be clear, mining is the process of securing or verifying new blocks of transactions that enter a blockchain in exchange for rewards. Usually, cryptocurrency miners on the blockchain do the “work” and are rewarded for doing so, but cryptojackers will try to use a person’s computer to achieve this without doing the honest work themselves.
You can think of it in a similar way to carjacking. The biggest difference is that, rather than physically stealing a person’s computer, cryptojackers will infiltrate a device by implanting it with a special cryptojacking script or code.
Once this code is in place, it will begin mining in the background, hidden from the victim’s sight. The rewards will be delivered back to the hacker’s wallet.
The Origins of Cryptojacking
Believe it or not, there was once a time, in the early years of crypto, when certain web pages would ask visitors permission to mine coins on their behalf while they remained on the site.
This was essentially seen as a way for readers to “compensate” the web publishers by allowing them to extract some tokens, but as soon as the visitor left the site, the mining would stop.
However, malicious scammers didn’t take long to notice this. Very soon, permission stopped being asked, and the mining continued long after the victim returned to their usual business.
Things only got worse when scammers began tinkering with the code of mining websites. Coinhive is a notable example that, at one point, was the source of over two-thirds of all cryptojacking attack attempts.
This would result in an oncoming wave of cryptojacking crimes that, unfortunately, are still very prevalent today.
What Is the Goal of Cryptojackers?
Mining requires a hefty rig, plenty of computing power, a lot of CPU (central processing unit) usage, and a whole lot of electricity, making it a pretty expensive business.
As a result, the crypto that miners are rewarded with often leaves them with a small to average profit. Cryptojackers are people who don’t want to buy all of the pricey resources and would rather piggyback off someone else’s hard work to secure coins for themselves.
To put it simply, the endpoint is making as much profit as possible from one person before jumping to the next and repeating the same process as part of a malicious cycle.
How Does Cryptojacking Work in Practice?
Now that we’ve covered the basics of cryptojacking, let’s uncover how these fake miners get cryptojacking code onto a person’s private device.
Drive-By Websites
These websites aren’t malicious by intent but have been infected by JavaScript from a cryptojacker. Once the code is in place, anyone who clicks on the site can be automatically infected, meaning the victim’s computer will start mining without them knowing.
Sometimes, a website might ask a visitor to download a specific app to gain access, which can similarly be a ploy to insert the crypto mining script onto a computer.
It should also be noted that these sorts of attacks can also target mobile phones. Though they have much less processing power, being able to infect them en masse can create a formidable mining army for the scammer to use.
Either way, these “drive-by” attacks, as they’ve come to be known, are a common technique used by cryptojackers. Rather than infecting a website, they sometimes aim for something a bit smaller and more obscure, like an advertisement.
Malvertising
Cryptojackers can insert their mining code into a fake advertisement on a completely harmless website. This is commonly known as malvertising, in reference to the type of malware being used.
Since the website itself isn’t sponsoring these ads, they tend to appear as pop-ups or in small and obscure windows.
Upon clicking on the ad, the malicious code will either infect the computer immediately or after the victim has agreed to download a specific app the advertisement directs them to.
Browser Extensions
Crypto mining code can even extend into browser-based extensions, especially those added to app stores, since it’s much easier for scammers to upload them there than to create an entire website.
When a person agrees to download one of these extensions, they also download the code the hacker needs to use their device for mining, which then soaks up the CPU’s resources once the mining is underway.
It can be very easy to fall into this trap because of how authentic the extensions can seem. For example, in 2019, it was revealed that two popular extensions for Google Chrome secretly contained mining code, much to the surprise of thousands of users.
Google Chrome announced in April 2018 that it would be banning all extensions designed to mine cryptocurrency, making Chrome safer. However, some fraudulent extensions have still managed to slip through the cracks.
It’s still worth noting that no browser is entirely protected from this type of attack, so switching to a different one won’t guarantee that they will disappear.
Phishing Emails
Some hackers use a slightly different method to start their mining escapade: they contact the victim through a phishing email.
These emails often present as new opportunities or unexpected giveaways, prompting the recipient to click on a link or an attached file. Of course, doing so will begin the mining process, even if the link leads to a dead end.
As the New Jersey Cybersecurity and Communications Department noted, most of these emails will contain buzzwords like “Purchase” and “Sales” to grab readers’ attention. They may also include a “RE:” to trick the recipient into thinking they’d communicated with the scammer before.
Best Methods for Avoiding Cryptojack Scams
As we’ve just seen, cryptojackers can be pretty creative in their methods, but thankfully, investors can help protect themselves in a few ways.
- Use Anti-Malware Software: Anti-malware software can protect a computer against disruptions and attacks. Norton, McAfee, and Total AV are a few of the most popular anti-malware services available today.
- Update Web Browsers: Browser updates tend to also include security fixes that can bolster protection against cryptojackers. Additionally, some popular browsers offer extensions specifically made to shield against cryptojackers, including minerBLOCK, No Coin, and Anti Miner.
- Avoid Suspicious Emails: If a scammer is trying to infiltrate your computer via email, check for spelling mistakes, whether the subject line seems suspicious, and whether the address is verifiable. All of these can be dead giveaways of a phishing email.
- Download Ad-Blockers: Malicious ads are one of the most common methods scammers will use to access a device, so keeping a reliable adblocker on deck can negate this kind of attack. AdBlock Plus, AdLock, and Ghostery are some popular examples.
- Protect Public Servers: If you host public servers, cryptojackers can target them as an easy infiltration method. Regular patching, switching off unused services, or even closing down the server altogether if you’re not using it actively are ways to protect against an unexpected attack.
- Block Cryptojacking Sites: Some web browsers allow users to block a website or even create a list of sites they want to avoid. Do a little research beforehand, and if you find that people online are highlighting specific sites, then it can be best to block them so that you don’t accidentally fall for their trap.
Signs of a Cryptojack: Is Your Computer Infected?
Though cryptojackers will aim to conduct their mining operations without the victim’s knowledge, there are still some telltale signs that a device might be corrupted.
- Slow Performance and Lag: Mining crypto heavily affects a computer’s resources, especially the GPU and CPU. Suppose the device seems slower than usual, especially for basic activities like checking email. In that case, it’s worth heading over to the activity center to see whether the computer is under heavy stress and whether it’s due to a mining code running in the background.
- Browser Not Turning Off: Cryptojackers can create their own browser window to facilitate mining, even if the main browser has been closed. If you fully close down the browser but notice that it isn’t disappearing from the toolbar and is also using up a lot of energy in the activity monitor/task manager, then it could point to a cryptojacker.
- Warm Device: If you approach a device and notice it’s already warm, it indicates someone has been using it without your consent. In serious cases, this can lead to a computer overheating, especially if it’s only built for work or gaming, rather than mining.
- High Cloud and Electricity Bills: If a cryptojacker gets a hold of a person’s cloud credentials, they can use these resources to assist in mining. As we already know, mining can ramp up electricity costs, so to be safe, it’s worth double-checking whether the bills for the two seem a little higher than they should be.
If you suspect your device has been exposed, you may be able to uninstall or delete the code or program if you find it in time. You can also order an antivirus tool to issue a full computer scan to ensure all protection shields are up and running.
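The resource-usage signs above come down to telling sustained load apart from short bursts. The following is an added example, not code from the article: the input format (`<epoch> <pid> <cpu%> <command>` per line), the 80% threshold, the four-round minimum and the sample data are all assumptions chosen for illustration.

```python
from collections import defaultdict

def parse_samples(text):
    """Parse lines of '<epoch> <pid> <cpu%> <command>' (format assumed here)."""
    rows = []
    for line in text.strip().splitlines():
        epoch, pid, cpu, name = line.split(None, 3)
        rows.append((int(epoch), int(pid), float(cpu), name))
    return rows

def sustained_cpu(rows, threshold=80.0, min_rounds=4):
    """Return {(pid, name): longest_streak} for processes at or above
    `threshold` percent CPU in at least `min_rounds` consecutive rounds."""
    rounds = sorted({epoch for epoch, *_ in rows})
    usage = defaultdict(dict)
    for epoch, pid, cpu, name in rows:
        usage[(pid, name)][epoch] = cpu
    flagged = {}
    for proc, seen in usage.items():
        streak = best = 0
        for epoch in rounds:
            # A round where the process is absent or below threshold resets the streak.
            streak = streak + 1 if seen.get(epoch, 0.0) >= threshold else 0
            best = max(best, streak)
        if best >= min_rounds:
            flagged[proc] = best
    return flagged

# Constructed samples, one round every 30 seconds (not real measurements).
SAMPLE = """
1700000000 101 2.0 mail
1700000000 220 99.0 video-export
1700000000 412 95.0 browser-helper
1700000030 220 99.0 video-export
1700000030 412 97.0 browser-helper
1700000060 220 10.0 video-export
1700000060 412 96.0 browser-helper
1700000090 220 99.0 video-export
1700000090 412 98.0 browser-helper
1700000120 412 97.0 browser-helper
"""
```

With the defaults, `sustained_cpu(parse_samples(SAMPLE))` flags only the process that stays above the threshold in every round; the export job that spikes and drops is ignored.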
How Big of an Issue Is Cryptojacking?
The crypto industry has seen its fair share of scams, cyberattacks, and hacks over the years, but how prominent is cryptojacking in the end?
Unfortunately, the statistics indicate that it’s one of the most popular methods used by fraudulent hackers in the entire industry.
According to Statista, there were 57 million cryptojacking attempts in 2018, and the number rose to almost 140 million by 2022, a 43% increase from 2021.
SonicWall’s 2024 Cyber Threat Report similarly indicated that the number of cryptojacks in 2024 had risen by a staggering 650% since 2023.
Though the issue doesn’t seem to be dying down, thankfully, crypto community members are always finding new ways and taking active measures to help protect against these cyber criminals.
One example is the shutdown of Coinhive. Its JavaScript code was regularly manipulated by cryptojackers, but when it shut down in 2019, site infections dropped drastically, proving that pushing back against these immoral scammers is possible.
To be on the safe side, though, deploying the safety measures we’ve already covered, especially paying close attention to your computer and its resource usage, can minimize the threat by a sizable amount.
On the Flipside
- While cryptojacking remains a prevalent issue, pump-and-dump schemes are arguably the most prevalent scam in the world of digital currency right now.
- This method of artificially inflating the price of an asset can dupe hundreds or even thousands of crypto users at once, and is therefore an issue that every investor needs to be aware of.
Why This Matters
While most scams can be detected at a moment’s notice, cryptojacks can linger on a computer for a very long time and can, therefore, extract massive sums of tokens at the victim’s expense.
Therefore, it’s very important to be aware of how cryptojacking works so that you can stay protected and know how to check your device for any suspicious behavior.
FAQs
Because Ethereum (ETH) moved to the Proof-of-Stake algorithm in 2022, it doesn’t include mining like the Bitcoin (BTC) blockchain.
Yes, cryptojackers can infiltrate mobile devices using the same methods that they use for desktops. However, hackers tend to prioritize desktops because mobile devices lack the same power as computers or laptops.