Some cryptocurrencies are mineable, meaning that people can choose to expend their computational resources to secure the operation of the blockchain and earn newly created coins in exchange; the coins can later be traded on crypto exchanges for traditional currencies like USD. This requires the purchase, setup and maintenance of specialized equipment and significant expense of electrical power, all of which eat into the profit made from selling the mined coins.
Instead of participating in fair competition, an unscrupulous hacker may choose to mine cryptocurrency by hijacking the computational resources of other people, a practice known as cryptojacking.
Cryptojacking can be performed in several ways, of which two are the most popular. The first is via a trojan: a malicious program that gets installed onto a computer without the owner’s knowledge or consent, for example when the user clicks on an email link or attachment. The program then keeps running on the host computer, consuming its resources, while the profits go to the hacker.
The other popular option is the so-called “drive-by” cryptojacking, which is performed online via malicious JavaScript code on web pages that are either owned by the hackers outright or have been compromised by them.
Cryptojacking leads to increased consumption of its victims’ electrical power, slows down their computers and shortens the life of their equipment. If a user suspects that their computer might have been the target of a cryptojacking attack, they should look out for red flags: decreased performance and the overheating of their computer, which is usually coupled with more intense use of the cooling fan. Most modern antivirus software providers are acutely aware of the threat of cryptojacking, so they offer protection from it.
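The red flag described above, sustained rather than momentary load, can be checked from periodic CPU samples. The following is an added example, not part of the original article; the process names, the 80% threshold and the 10-second polling interval are assumptions, and the samples are constructed. A hit is only a hint, since legitimate workloads can also run hot for long periods.

```python
"""Flag processes whose CPU use stays high across many consecutive samples."""
from collections import defaultdict


def sustained_cpu_offenders(samples, threshold=80.0, min_consecutive=5):
    """Return {process: longest_run} for processes at or above `threshold`
    percent CPU for at least `min_consecutive` samples in a row.

    `samples` is a list of {process_name: cpu_percent} dicts, one per
    polling interval. A process missing from a sample counts as idle.
    """
    current = defaultdict(int)   # length of the high-CPU run in progress
    longest = defaultdict(int)   # longest high-CPU run seen so far
    for snapshot in samples:
        # Visit processes seen earlier too, so a vanished process ends its run.
        for name in set(current) | set(snapshot):
            if snapshot.get(name, 0.0) >= threshold:
                current[name] += 1
                longest[name] = max(longest[name], current[name])
            else:
                current[name] = 0
    return {n: run for n, run in longest.items() if run >= min_consecutive}


# Constructed samples (not real telemetry): one snapshot per 10-second poll.
# "compiler" bursts briefly; "updater-helper" (hypothetical name) never lets up.
SAMPLES = [
    {"browser": 12.0, "compiler": 95.0, "updater-helper": 91.0},
    {"browser": 15.0, "compiler": 97.0, "updater-helper": 93.0},
    {"browser": 85.0, "compiler": 20.0, "updater-helper": 92.0},
    {"browser": 10.0, "updater-helper": 94.0},
    {"browser": 11.0, "updater-helper": 90.0},
    {"browser": 9.0, "compiler": 96.0, "updater-helper": 95.0},
]

if __name__ == "__main__":
    for name, run in sustained_cpu_offenders(SAMPLES).items():
        print(f"{name}: high CPU for {run} consecutive samples")
```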
Cryptojacking is described as the unsolicited use of a person’s device or system, such as a computer, server, smartphone or tablet, for crypto mining. Attackers can gain access to a victim’s device through emails, websites, or online ads that contain links to malicious software that will auto-execute when accessed.
There are two common types of cryptojacking: file-based and browser-based.
File-based cryptojacking involves hackers sending seemingly legitimate emails to their victims. But when users open the attachment, a program is executed and the crypto mining script is introduced to their computer.
In a browser-based cryptojacking attack, hackers typically embed malicious code in various websites. Once the victim accesses an infected website, the crypto mining script immediately starts running on that device.
Cryptojacking schemes can go unnoticed for a long time, allowing hackers to mine with total impunity from unsuspecting victims’ devices. Mining activities incur high electricity costs, which hackers pass on to their victims so they can earn token rewards without financial burden.
Cryptojacking scripts can cause devices to lag or even break down due to wear and tear.
Additionally, there is a class of cryptojacking scripts with a worming ability that allows them to replicate fast, infecting multiple devices and servers within a network.
Most cybercriminals tend to mine privacy coins like Monero as they are difficult to trace.
Some measures to avoid falling victim to cryptojacking schemes include the use of ad-blockers and anti-crypto mining extensions.