Cryptojacking comes from the words “crypto” and “jacking.” It is a type of cybercrime that uses your digital devices to mine cryptocurrency without your consent. It happens when hackers hijack your computer or smartphone through malicious software sent via phishing emails, corrupted hardware, or infected website links. Unfortunately, cryptojacking attacks can be difficult to detect, and many users can be running programs that secretly mine crypto for someone else without realizing it.

In recent years, cryptojacking has become one of the most preferred attacks used by cybercriminals. In 2018, some of the cloud infrastructure used by Tesla’s Amazon Web Services database was discovered to be running unauthorized crypto mining operations. In that same year, crypto mining malware was also found in the operational technology of a European water utility provider. Government services were not spared; also in that year, about 5,000 sites, including the website of the United States Courts and several other government agencies, unintentionally loaded infected JavaScript files from a compromised third-party supplier. Visitors to these sites ended up running cryptomining operations in their browsers without knowing. 

According to a SonicWall report, the total number of cryptojacking incidents in 2022 stood at around 139.3 million. Then, during the first half of 2023 attacks increased by almost 400% to 332 million cases, compared to 66.7 million in the same period in 2022. The incidence rate in Asia was quite low, but in the U.S. and certain European countries, cryptojacking cases tripled or even quadrupled. Just this month, a man from Nebraska was arrested for money laundering and mining $970,000 worth of crypto, including Ether, Litecoin, and Monero, by cryptojacking two cloud service providers and tricking them to increase his cloud computing limits without paying.

Considering the huge earning potential of mining crypto without spending a cent of your own money on the electricity it uses up, we can expect it to become even more lucrative in the years to come. Some of the top sectors being targeted are education, finance, government agencies, and even healthcare—perhaps because companies in these industries often have extensive infrastructure and many devices that have the power to mine a significant amount of crypto once hacked.

How Does Cryptojacking Work?

Cryptojacking comes in different ways, but here are the most common methods:

Malware-Based Cryptojacking: This is similar to traditional malware infections. When you click on an ad or a malicious link, the cryptojacking code is downloaded onto your computer, often disguised as legitimate-looking applications or files. After accidentally installing it, the program starts using your computer’s resources to mine crypto.

Drive-by Cryptojacking: This method doesn't require a download. Instead, hackers embed a piece of JavaScript code into a website. When you visit the infected site, the script automatically executes and uses your device’s resources to mine cryptocurrency as long as you are on the site.

Trojan-Based Attacks: These are specifically designed for mobile devices, where a Trojan program disguised as a harmless application runs in the background. Although all it does is to mine crypto, overworking your device’s processor may lead to overheating and battery damage in the long run.

Cryptojacking Versus Browser Mining

Cryptojacking shouldn’t be confused with browser mining, which is a way to mine crypto using your browser. Although both methods are used to mine cryptocurrency, legitimate browser mining is always done with your consent. For example, instead of earning revenue by displaying ads, websites might ask permission to use some of your CPU power to mine crypto when you visit the site. Another example is a dedicated crypto mining browser like CryptoTab Browser that mines crypto while you surf the net and sends your portion of earnings to your crypto wallet. Whichever type of arrangement you pick, the process should be transparent and no mining activities should take place without your knowledge.

In contrast with browser mining, which can be a legitimate way for you to earn passive income, cryptojacking is done completely without your permission.

Signs You Might Be a Victim of Cryptojacking

Many victims of cryptojacking don’t realize what’s going on for weeks or even months. Here are some of the signs to look out for:

Slower Device Performance: Mining crypto consumes a lot of energy and processing power. So if your device is much slower than usual, or if it takes too long to complete simple actions, it might be a result of cryptojacking. Another sign is if it crashes frequently because of task overload.

Overheating: Devices running unauthorized mining operations in the background can overheat even when you’re only doing light tasks. 

High Electricity Bills: Unexplained increases in your electricity costs might be a sign that cryptojacking malware is making your system work overtime.

How to Prevent Cryptojacking

To avoid becoming a victim of cryptojacking, it’s best to treat it as an active security threat. Just as you install firewalls and antivirus software and stay away from strange links or app downloads to protect your devices from malware, you should also take precautions against cryptojacking. Here's what you can do:

Regularly update your devices. Don’t postpone critical updates and patches. They’re your best chance to fix vulnerabilitis that can easily be exploited by cryptojackers.

Install antivirus software and anti-crypto mining extensions. You can find security software specifically designed to detect and block crypto mining scripts, such as browser extensions like No Coin and MinerBlock.

Enable ad blockers. Look for ad blockers that specifically prevent malicious ads from executing crypto mining code on your devices.

Regularly monitor your devices’ performance. If one of your devices starts to lag or overheat for no apparent reason, keep a close watch on its resource usage. Unusual spikes in CPU or GPU usage can be a sign of cryptojacking activity.

While the theft of computing power might seem less dangerous than other cybercrimes, cryptojacking is a very real threat for individual users and organizations alike. It can cause a huge impact on performance, operational costs, and device shelf life—all of which are especially crucial for critical systems like transportation, water and electricity supply, food production, education, manufacturing, and other sectors where suboptimal operations can cause many to suffer. 

But we can do our best to avoid it by staying vigilant and implementing security best practices. As crypto continues to gain popularity worldwide, it would be wise to stay on alert for cryptojacking, crypto hacking, and other crypto-related attacks.

‍