What is Cryptojacking, and How Can You Protect Your Device From an Attack?


Crypto’s bull run early this year has resulted in increased cryptojacking incidents. Here’s a lowdown on what the term means, and how you can protect your devices against it.

In the last couple of years, cryptocurrency has grown in leaps and bounds. It all began when Satoshi Nakamoto (a pseudonym) first created Bitcoin in 2009. A little over a decade later, today, there are over 4,000 cryptocurrencies in existence.

While cryptocurrencies have significantly changed the finance world, they come with many cons. And it’s not just the environmental cost of crypto mining. Crypto’s bull run early this year has attracted many cybercriminals to the industry. According to a recent report by security firm Kaspersky, incidents of cryptojacking have soared in the first quarter of 2021.

Lately, the crypto space has also given rise to a new scam – cryptojacking.

What is cryptojacking?

In order to verify transactions on the blockchain and make new crypto coins, individuals have to solve complex mathematical algorithms or puzzles—a process known as mining. Individuals require powerful systems to verify transactions and add a new block on the blockchain.

Large mining farms in countries such as China have dedicated computer rigs to mine crypto. As the process involves powerful systems, it also takes up massive amounts of electricity. This is why, “cryptojackers,” who wish to mine crypto without incurring costs of mining hardware or exuberant electricity bills, hack into other devices.

Cryptojacking is a type of scam in which hackers use someone else’s device without their knowledge to mine cryptocurrency. The hackers install malware—often called miners—on a computer or mobile device. They then use the device’s energy to mine crypto in the background, while the unsuspecting victim uses their device.

Compared to other types of malware attacks, cryptojacking is harder to detect. It doesn’t damage a user’s device or data. It can, however, cause decreased performance, and overheat the devices.

Moreover, once detected, it is hard to trace the malware to the source, and hackers prefer mining cryptocurrencies like Monero and Zcash. These are harder to trace compared to more popular ones like Bitcoin.

How does cryptojacking affect devices?

Cryptojacking can be done in a couple of ways.

First, hackers can infect a website or an online ad with JavaScript code through a hacking process called ‘drive-by.’ When users visit the website, the script auto-executes on their browser. This type of hacking only affects the browser. Every time the victim uses their browser, the code runs in the background, and mines crypto.

Sometimes, even closing a browser is not sufficient to prevent the script from running. Often, hackers use a simple trick to create a hidden pop-up window that fits under the taskbar. As this window goes undetected, the mining continues unhindered.

In 2018, over 60 million Android users were infected by a miner coded into ads. Users who encountered these pop-up ads were redirected to malicious websites. During this time, the malware would mine crypto using the device’s computing power. The attack usually goes undetected as the process remains silent.

The second means to hack a device is by sending emails with malicious links. When a user clicks the link, it automatically runs the crypto mining code and adds the script on the device. This method infects the entire device and the code runs in the background whenever the victim uses their device.

In both cases, once a browser or device is infected, the code uses up the CPU’s power to perform complex calculations. The data is simultaneously sent to a server controlled by the hacker.

Often, hackers can also use both hacking vectors to “maximize their return.” For instance, if a hacker uses 50 different devices to mine crypto, half of them could be using code on their systems installed through malicious emails. Meanwhile, the remaining half could be mining through an infected browser.

Preventing cryptojacking

As cryptojacking largely goes undetected, it is important to take measures to prevent an attack and minimize the impact on your device.

Install ad-blockers and browser extensions: Installing ad-blockers can detect and block any infected ads, thereby automatically preventing malicious code from running on your device. Similarly, anti-crypto-mining extensions on web browsers can also prevent cryptojacking scripts from running on your browser. MinerBlock, No Coin, and Anti Miner are some examples of browser extensions.

Scan for malware: Use cybersecurity software to regularly scan for malware on your system. Such security software can detect any cryptojacking malware on your system and protect your device.

Avoid opening suspicious links in emails: It is important to be cautious about the emails you receive, especially those that come with a link. Double-check the authenticity of the sender before you click any links on a suspicious email.

Only install trustworthy apps and software: Whenever you install software or an application on your device, make sure it is authentic and comes from a trustworthy source.

Avoid visiting unfamiliar websites: To prevent cryptojacking attacks through browsers, be careful about visiting unfamiliar websites. In addition, you can block or blacklist any website known for cryptojacking.

With cryptojacking incidents on the rise, users need to be cautious. Cryptojacking was common during the crypto boom in 2017-18. They accounted for around 5% of all malware in 2018, according to Kaspersky. For instance, in 2018, an L.A. Times-run website The Homicide Report was hacked with a cryptojacking code. Hackers then mined Monero on the devices of whoever visited the page.

In another example the same year, cryptocurrency mining malware was found on the operational technology network of a European water utility control system. The incident significantly hampered the operator’s ability to manage the utility plant.

However, as large mining farms began emerging, a single device’s resources essentially became irrelevant. As a result, the incidents of cryptojacking went down in the last two years.

But, with the recent surge in crypto’s popularity, cryptojacking has made a comeback. As per Kaspersky’s report, 200,045 users encountered miners on their devices in March, compared to 187,746 in January. In the first quarter of 2021, a total of 432,171 unique users encountered miners.

“It’s too early to say for sure if the trend we’ve noted in Q1 2021 is here to stay,” Evgeny Lopatin, a security expert at Kaspersky, noted in the report. “However, it does seem that the increase in the value of Bitcoin and other cryptocurrency has sparked a renewed interest in miners.”

“If the crypto markets remain strong this year, it’s likely we’ll continue to see more instances of users encountering miners.”

Header image by Tumisu from Pixabay


Share on facebook
Share on twitter
Share on linkedin
Share on email
Reethu Ravi
Reethu is a Staff Writer at Jumpstart.


Biggest Financial Bubbles and the Similarities Between Them

Biggest Financial Bubbles and the Similarities Between Them

A financial or economic bubble occurs when the cost of a particular asset rises above its fundamental value. This “fundamental value” of an asset is not a specific figure but rather a spectrum of values. So, when people wrongly estimate that the value would skyrocket, they keep on buying that asset.

How Can You Raise Capital with an Initial Coin Offering

How Can You Raise Capital with an Initial Coin Offering?

For a startup to thrive, capital is crucial. Typically, to raise capital, startups can choose various routes, such as participating in investor rounds (including seed rounds and series rounds), crowdfunding, bootstrapping and more. Now, there’s a new option rooted in cryptocurrency: Initial Coin Offering (ICO).

Top 5 NFT Types of 2022

Top 5 NFT Types of 2022

NFT” has been crowned Collin Dictionary’s Word of the Year for 2021. After all, NFTs, or non-fungible tokens, have amassed a following like no other over the past year. So much so that the use of this abbreviation increased by 11,000% in 2021. Collins Learning managing director, Alex Beecroft, told the Guardian,

How Technology Helps the Elderly

How Technology Helps the Elderly

As we continue to see more and more advancements in technology, it has become much easier for people to age without suddenly losing their independence. As of 2019, the global average life expectancy has become over 70 years, nearly doubling from what it was in the 1900s. With rising life expectancy, it has become integral to focus on how to better the lives of the elderly population.

Biggest Startup Successes of 2021

Biggest Startup Successes of 2021

2021 has been a great year for startups. As of September, over 800 startups have reached the valuation of US$1 billion and become unicorns. Within this year, some exciting new startups have burst onto the global scene and taken center stage.

How the Taproot Upgrade Changes the Future of Bitcoin

How the Taproot Upgrade Changes the Future of Bitcoin

On November 14, Bitcoin underwent the Taproot upgrade which was activated at block 709,632. The groundwork for this upgrade was laid down back in June when 90% of the Bitcoin miners chose to signal their “support”