Cryptojacking: What it is and how to protect yourself

Home Forums Cyber Security Cryptojacking: What it is and how to protect yourself

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
  • #2879

    Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Cryptocurrency is simply a digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds operating independently of central bank. It is a digital asset that has been created to work as a channel of trade. The technology uses a process named cryptography which guards all of the transactions and regulates the formulation of additional units of the currency. These digital currencies are also categorised as alternative currencies and virtual currencies.

    There are two primary ways hackers can cryptojack you to secretly mine cryptocurrencies. These include:

    a. Trick victim into loading cryptomining code onto their computers through phishing tactics. In this trick, a victim normally receives a legit looking email which encourages them to click on. Upon clicking, the link runs code that places the cryptomining script on the computer. The script then runs on the background as the victim works.

    b. The hacker can as well inject a script on the website or on ad that is delivered to multiple websites. When the victim visits the website or the infected ad pops up in their browsers, the script will execute automatically. The code will then run complex mathematical problems on the victim’s computer and send the result to the hacker’s server.

    Hackers often will use both methods to maximize their return. “Attacks use old malware tricks to deliver more reliable and persistent software [to the victims’ computers] as a fall back,” says Vaystikh. For example, of 100 devices mining cryptocurrencies for a hacker, 10 percent might be generating income from code on the victims’ machines, while 90 percent do so through their web browsers.

    Unlike most other types of malware, cryptojacking scripts do no damage to computers or victims’ data. They do steal CPU processing resources. For individual users, slower computer performance might be just an annoyance. Organization with many cryptojacked systems can incur real costs in terms of help desk and IT time spent tracking down performance issues and replacing components or systems in the hope of solving the problem.
    To detect cryptojacking can be difficult at times. The following are some of the symptoms of cryptojacking:

    i. Device heating up
    ii. Laptop making loud whirring noises
    iii. Battery draining faster than usual
    iv. Impaired device performance such as slowing down or crashing
    v. Check your resource usage
    vi. Check to see if your browser is secretly still running
    vii. Keep a close watch on your Cloud Bills

    Check Resource Usage
    To check you resource usage, you should first open the task manager, this can be done by pressing ctrl + alt + del keys simultaneously. Either, you can open the Activity Monitor in case you are using MacBook. Check out to see if your CPU resources are being maxed out at 99% or more. If the program you are running in your device has no business using all that power, then cryptojacking might be the cause of all that power drain.
    Check to see if your browser is secretly running

    Close your internet browser window and open the task manager or the Activity Monitor in case you are using a MacBook to see if the program still shows as open. The hackers typically run through your browser and create a tiny ‘pop-up’ browser window that hides behind your Start button or toolbar, so it can continue to consume computer resources even after you think you’ve closed your browser.

    Keep a close watch on your cloud bills
    Hackers are also capable of phishing your cloud usernames and password and allocate your cloud resources towards mining, but you won’t know about the problem until the end of the month. Sadly, this method can be pricey.

    Currencies such as Bitcoin, Ethereum and Monero are all continually ‘mined’ by using distributed computing resources to work out problems that generate ‘hashes’. Anyone can use their machines to process new coins in this way, but with cryptojacking, website owners and app developers are able to harness the CPU of their audience instead, earning them cryptocurrency in the process.

    Hackers cryptojack your device by either getting you to click on a malicious link in an email that loads crypto mining code on your device, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in your browser.

    Avoiding Cryptojacking

    There is no clear law that defines whether cryptojacking is legal or illegal, but the method is not ethical by any means as internet users have their resources taken away without their consent or receive any incentive.
    Cryptojacked victims usually will notice that their devices will be low on battery quite fast, or their devices will heat up fast while some will observe that their CPU power utilization will be higher than usual. By entering your task manager, you can check your CPU utilization to check if you are being cryptojacked.

    There are some security practices and plugins that you can use to avoid being a victim of in-browser cryptojacking:

     Never click on a link in an email.
     Turn off your JavaScript in the browser.
     You can run anti-phishing software, antivirus, and adblockers for chrome extensions like No Coin or MinerBlock.
     You can run specific script blockers such as NoScript or uBlock.
     Think of using more privacy-centric browsers.

    The best remedy is prevention. Stay safe from cryptojacking by following this guidance:
    Watch out for phishing-type attempts to load scripts onto your device

    Install an ad-blocker extension for your web browsers
    Routinely check your browser extensions for anything suspicious and keep them up to date
    No matter how hard you try to educate yourself and your team, it’s inevitable that some attempts will slip through the net. To stay ahead of the attacker it’s imperative to have a security solution in place which is able to intercept traffic to phishing sites, stopping the threat at its source.


    Great article. The world of Crypto is still very vague to many and there is very little understanding of its benefits and mode of operation. However, if used correctly and invested into at the right time, it can surely net a healthy return and be a great alternative to traditional banking and transactions. This was made clear in the surge that Bitcoin saw previously, with many enriching themselves by investing properly. What people are lacking is the proper guidance and being well informed. This articles does well in shedding some light in that regard.


    If you ask me, the world of Crypto is heavily regulated, manipulated, and corrupt! Most regular people that got in on the wave found themselves drowning in a sea of loss and confusion. The people who actually did make money are those on top of the chain, who surely have inside information on how this entire scam is operating. Decentralised or not, this entire crypto business is as fishy as a streetwalker’s punata, and now with this article showing there are people crypto”jacking” you. No thank you.


    Agreed. If you ask me, the best way to avoid being crypto-jacked is to avoid using crypto altogether. Too messy and vague.


    NolandReese, your approach on completely disengaging from the cryptocurrency sphere is ill-advised. I do not agree with the sentiment of backing out completely from a certain aspect of professional life, for the sole purpose that it carries risk. In every single thing we do, whether personally, academically or professionally, there is risk involved. What we must instead focus on is being well informed and readying ourselves for the things that may hinder our forward progression. Cryptocurrency is an exciting new prospects, one that has served many very well already, and by many I mean those who have traded in Crypto and knew what they were doing. This guide sheds light on the dangers involved, and it does so brilliantly, awakening one to things that would have otherwise been left unknown. See the glass half full my friend, not half empty.


    As cryptocurrencies become more prevalent in our societies today, so to are the people looking to take advantage and engage in thievery. This comes as no surprise at all. What this article does very well is shed light on the fact that it is happening, and the importance of taking certain steps to combat it. I know if I had a couple of Bitcoins, I wouldn’t want anyone jacking those.


    I have such little knowledge of the crypto field, to the point I would have never imagined there to be such a thing as theft of cryptocurrency. But there you have it, further proof that cyber threats exist in every single avenue of the online world.


    Very interesting, as I myself am looking to get into cryptocurrency and wouldn’t like the idea of anyone jacking my bitcoin! I’d put a hole through anyone who’d do something like that, after I pinpoint their IP address that is.

Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.