What Is Cryptojacking?
Cryptojacking is a cybercrime activity where an attacker hijacks the computing power of a victim’s device to mine cryptocurrencies. The attacker carries out cryptojacking by exploiting vulnerabilities in the victim’s device to install crypto mining software.
Key Takeaways
- Cryptojacking is a cybercrime activity where an attacker hijacks the computing power of a victim’s device to mine cryptocurrencies.
- Cryptojacking vulnerabilities can be present in websites, software, and operating systems (OSs).
- Sluggish device performance, high temperatures, and poor battery health are signs of crypto jacking.
- Antivirus software can detect cryptojacking scripts and protect your computer when you visit malicious websites.
- “WannaMine” is a crypto mining malware designed to mine a privacy-focused PoW cryptocurrency called Monero (XMR).
- Show Full Guide
Cryptojacking Explained: Key Terms
In order to understand the meaning of cryptojacking, we need to learn about cryptocurrencies and consensus mechanisms.
What Is Cryptocurrency?
A cryptocurrency is a digital currency that is typically used as a medium of exchange or a form of payment. Cryptocurrencies like Bitcoin (BTC) and Ether (ETH) are decentralized and do not need a centralized intermediary to process and execute transactions.
Instead, a decentralized network of participants known as miners or validators uses cryptographic techniques and blockchain technology to secure and execute transactions.
What Is a Consensus Mechanism?
Consensus mechanism refers to a process used by a cryptocurrency’s network of miners or validators to achieve agreement on the state of a blockchain’s ledger.
There are two main types of consensus mechanisms: proof-of-work (PoW) and proof-of-stake (PoS):
Requires crypto miners to solve a complex mathematical puzzle to determine which miner gets the chance to process pending transactions and add the next block to a blockchain.
The first miner to solve this puzzle is chosen as the block builder and is rewarded with newly minted cryptocurrency for their effort.
Cryptocurrencies that use the PoW consensus mechanism include Bitcoin, Litecoin (LTC), and Dogecoin (DOGE).
Requires validators to lock up a certain amount of cryptocurrencies as collateral to become eligible to propose new blocks and execute transactions.
Like the PoW consensus mechanism, the block builder is rewarded with newly minted cryptocurrencies. However, in the PoS consensus mechanism, block builders are chosen randomly.
Cryptocurrencies that use the PoW consensus mechanism include ETH, Solana (SOL), and Cardano (ADA).
A key difference between the PoW and PoS consensus mechanisms is that the former requires miners to expend significant amounts of energy and computational power.
How Cryptojacking Works
As explained above, PoW consensus requires miners to expend processing power to solve complex mathematical puzzles. In cryptojacking, the required processing power and energy are stolen from a victim’s device.
An attacker first looks for vulnerabilities in a potential victim’s system. These vulnerabilities can be present in websites, software, and operating systems. The cryptojacking attack will then install malicious cryptojacking software, which will leverage the victim’s processing power to mine cryptocurrencies.
Cryptojacking malware is distributed through smartphone applications, botnets, social media platforms, website link, and Wi-Fi hotspots.
A cryptojacking attack can be non-persistent or persistent:
Non-persistent cryptojacking attack
Typically carried out via a website. It only occurs when the victim is visiting a malicious website or has opened an Internet browser on a compromised system.
Persistent cryptojacking
Continues to exploit the processing power of a system even when the victim has stopped visiting the source website.
Any laptop, computer, smartphone, Internet of Things (IoT) device, CPU or GPU-powered device is susceptible to cryptojacking.
Results of Cryptojacking Test
Your device may display the following symptoms if it has been cryptojacked:
- Poor system performance: Slow computing speed is a key symptom of cryptojacking, as the cryptomining malware utilizes the majority of the available computing power to mine cryptocurrencies in the background.
- Increased power consumption: Abnormal power consumption, extreme device temperatures, and poor battery health are symptoms of cryptojacking attacks.
- Frequent system crashes: Exploit of a device’s computing power can lead to frequent crashes and operation disruptions.
Six Tips to Detect Cryptojacking
If you suspect that your device has fallen victim to a cryptojacking attack, here is how you can detect it:
Cryptojacking Examples
WannaMine
In 2018, a cybersecurity firm named Panda Security identified a cryptomining malware called “WannaMine” designed to mine a privacy-focused PoW cryptocurrency called Monero (XMR).
According to the company, users were tricked into downloading the malware via email attachments and infected websites. WannaMine malware was designed to maximize use of a system’s processor and RAM causing devices to fail over time.
The malware ran complex mining techniques using the victim’s processing power to mine Monero’s XMR tokens which were sent to hacker‘s crypto wallets.
Coinhive
In the same year, over 4,000 government and university websites in the US and UK fell victim to a cryptojacking malware called Coinhive. All the affected sites used a plugin called Browsealoud that was used to read out webpages for blind or partially sighted people.
Hackers found a way to compromise the plugin and were successful in installing a cryptomining software for mining Monero’s XMR token on all affected websites.
Some affected websites were associated with the UK NHS services, The City University of New York, the Financial Ombudsman Service, and Lund University.
How to Protect Yourself Against Cryptojacking
Here are top tips on how to protect your device against cryptojacking:
The Bottom Line
Cryptojacking can lead to lower device lifespan, financial losses and productivity decline. Luckily there are ways to prevent cryptojacking, which we have explained in our definition above.
Remember, it is most important to stay informed of the latest malware threats and learn ways to avoid such risks.
FAQs
What is cryptojacking in simple terms?
What are the signs of cryptojacking?
Who is a cryptojacking miner?
Is cryptojacking illegal?
What is cryptojacking in cyber security?
References
- WannaMine – new cryptocurrency malware detected – Panda Security (Panda Security)