How Cryptojacking works (computers hacked to mine crypto)
As Bitcoin prices increased in late 2017, a form of cyber attack called cryptojacking also grew significantly, where a malicious person mines crypto on a target's computer. This is sometimes referred to as 'drive-by mining'. Below we explain what cryptojacking is, what coins it effects, and how to protect yourself from it.
What is cryptojacking?
Bitcoin, a very popular cryptocurrency, uses a mechanism called proof-of-work. This is where work is done on a computer in exchange for a reward in the form of Bitcoin, this process is referred to as mining. Many other cryptocurrencies also use this proof-of-work mechanism.
Many people do this Bitcoin mining on their own hardware, where they buy dedicated hardware for mining. In many countries this is completely legal, so at scale can offer a way to earn millions of dollars whilst following the law.
Cryptojacking takes this legal concept of mining and abuses it, where a malicious person mines using someone else's hardware. Just to clarify, there are cases where businesses with cheap electricity for things like farms abuse this cheap electricity to mine crypto, for example chicken farms in South Korea. Also Bitcoin mining is illegal in some countries fullstop. Neither of these cases are cryptojacking; cryptojacking refers to when you use someone else's hardware without their consent, where you don't need to pay for the hardware or the electricity (both limiting factors in mining profitability, removing these makes it very profitable for malicious cryptojackers).
Cryptojacking is appealing to criminals for several reasons:
- It sends mining rewards directly to the malicious person in a way that's difficult to track (where it can be sent via several addresses or stealth addresses).
- It can be done without the target even being aware. Things like ransomware require a target to perform an action.
- In most cases of cryptojacking it doesn't involve the target losing any money directly, but rather indirectly through electricity costs and hardware wear. In some cases if a dedicated mining farm is targeted it can have more significant impact on the target.
How is cryptojacking done?
There are many different forms of cryptojacking. The most well known is likely through an internet browser, where a website might mine crypto on a visitor's computer. This isn't the only form of it though. Methods commonly used for cryptojacking:
- Web pages running mining scripts when you visit them (Coinhive is often used for this). There are cases where this is done with the user's consent, where it's an alternative income source to advertising (in this scenario it isn't cryptojacking). But there are also cases where if a website is compromised, the attacker might add a mining script (there have been cases where this is done through ad networks for example).
- Malicious people hack into personal PCs, data centers, etc. to run mining software.
- Malicious apps on phones have mining software included.
- Viruses/malware infecting PCs or hidden in computer programs.
- People taking advantage of networks in organisations they are part of, where they might install mining software on a work PC or server. There have been cases of this done at universities for example, where students might have access to super computers or multiple PCs.
Examples of cryptojacking in the news:
- TPB resumes Monero browser-based mining for users.
- Over half a million Windows servers hijacked by Monero mining botnet.
- Monero botnet created on Amazon fire sticks and any android device with debugging enabled.
- Facebook messenger scams luring people into unknowingly mine Monero.
Internet browsers such as Chrome/Firefox and antivirus software is starting to crack down on cryptojacking, where if they detect signs of it they block it (e.g. checking for things like excessive CPU usage).
What cryptocurrencies are being mined?
This is a very confusing area. So if you're new to crypto, just to clarify that Bitcoin is a cryptocurrency similar to how the United States Dollar is a fiat currency. It isn't the only cryptocurrency, there are many thousands of them. Each of them uses a certain mechanism for verifying transactions (when a payment is sent), most commonly proof-of-work or proof-of-stake. For a cryptocurrency to be mined, it needs to be proof-of-work; so this immediately limits the available coins for mining.
Also, there are mining devices called ASICs which are really good at mining certain coins (or rather the proof-of-work algorithm those coins use). Any coin that has an ASIC associated with it can't really be mined by hardware such as CPUs and GPUs, as the ASIC is so much more efficient that it just isn't profitable. So this again limits the available coins for CPU and GPU mining (which is most commonly targetted through cryptojacking).
With these factors mind, proof-of-work and ASIC resistance, any coin with these attributes is a potential minable crypto in cryptojacking. The most commonly used in mid-2018 seems to be Monero, as on top of its proof-of-work and ASIC resistance, it's also a privacy-focused coin, where Monero can be sent anonymously (through a mechanism called a stealth address). Other privacy-focused proof-of-work ASIC resistant coins are also often mined through cryptojacking.
How to protect yourself against cryptojacking?
For each form of cryptojacking, the method for defending against it varies. Here are some tips for protecting yourself against cryptojacking:
- Install antivirus software that blocks cryptojacking through things like your internet browser.
- Look out for processes on your computer that are using large amounts of CPU. e.g. if you see Chrome using lots of CPU this could be a cryptojacker, day-to-day internet browsing shouldn't use lots of CPU. It would be normal for things like gaming & video editing to use lots of CPU.
- Only install programs you trust & from locations you trust.
- Be skeptical before clicking any links on the internet.
DISCLAIMER: This site cannot substitute for professional investment or financial advice, or independent factual verification. This guide is provided for general informational purposes only. Anything Crypto is UK-based and not regulated by the FCA (Financial Conduct Authority). The group of individuals writing these guides are cryptocurrency enthusiasts and investors, not financial advisors. The ideas presented are our analysis, learning & opinions on a range of cryptocurrency topics. Trading or mining any form of cryptocurrency is very high risk, so never invest money you can't afford to lose - you should be prepared to sustain a total loss of all invested money.
This website is monetised through affiliate links. Where used, we will disclose this and make no attempt to hide it. We don't endorse any affiliate services we use - and will not be liable for any damage, expense or other loss you may suffer from using any of these. Don't rush into anything, do your own research. As we write new content, we will update this disclaimer to encompass it.
September 18th, 2018
When Was Bitcoin Created?
August 16th, 2018
How to Buy Bitcoin?
Never invest money you can't afford to lose.
All information on this website is for general informational purposes only, it is not intended to provide legal or financial advice. We encourage you to consult your own legal & financial advisors before making any cryptocurrency-related purchase.