Home
Glossary
Cryptojacking

Cryptojacking

Moderate

The use of another party’s computer to mine cryptocurrency without their consent.

What Is Cryptojacking?

Some cryptocurrencies are mineable, meaning that people can choose to expend their computational resources to secure the operation of the blockchain and earn newly created coins in exchange; the coins can later be traded on crypto exchanges for traditional currencies like USD. This requires the purchase, setup and maintenance of specialized equipment and significant expense of electrical power, all of which eat into the profit made from selling the mined coins.
Instead of participating in fair competition, an unscrupulous hacker may choose to mine cryptocurrency by hijacking the computational resources of other people, a practice known as cryptojacking.

Cryptojacking can be performed in multiple different ways, but there are two most popular ones. The first way is via a trojan — a malicious program that gets installed onto a computer without the owner’s knowledge or consent by, for example, clicking on an email link or attachment. The program then keeps running on the host computer, consuming its resources, while the profits go to the hacker.

The other popular option is the so-called “drive-by” cryptojacking, which is performed online via malicious JavaScript code on web pages that are either owned by the hackers outright or have been compromised by them.

Cryptojacking leads to increased consumption of its victims’ electrical power, slows down their computers and shortens the life of their equipment. If a user suspects that their computer might have been the target of a cryptojacking attack, they should look out for red flags: decreased performance and the overheating of their computer, which is usually coupled with more intense use of the cooling fan. Most modern antivirus software providers are acutely aware of the threat of cryptojacking, so they offer protection from it.

Cryptojacking is described as the unsolicited use of a person’s device or system, such as a computer, server, smartphone, tablet, etc., for crypto mining. Attackers can gain access to a victim’s device through emails, websites, or online ads that contain links to malicious software that will auto-execute when accessed.
There are two common types of cryptojacking: file-based and browser-based. 
File-based cryptojacking involves hackers sending seemingly legitimate emails to their victims. But when users open the attachment, a program is executed and the crypto mining script is introduced to their computer.

In a browser-based cryptojacking attack, hackers typically embed malicious code in various websites. Once the victim accesses the infected websites, the crypto mining script immediately takes effect within that device.

Cryptojacking schemes can go unnoticed for a long time, allowing hackers to mine with total impunity from unsuspecting victims’ devices. Mining activities incur high electricity costs, which hackers pass on to their victims so they can earn token rewards without financial burden. 

Cryptojacking scripts can cause devices to lag or even break down due to wear and tear.

Additionally, there is a class of cryptojacking scripts that has a worming ability that allows it to replicate fast, infecting multiple devices and servers within a network. 

Most cybercriminals tend to mine privacy coins like Monero as they are difficult to trace.

Some measures to avoid falling victim to cryptojacking schemes include the use of ad-blockers and anti-crypto mining extensions.

Trusted Execution Environments (TEEs)

Trusted Execution Environments (TEEs) are secure areas within a main processor that provide a protected spa...

Full definition >
Human Keys

Human Keys are cryptographic keys derived from what you are, what you know, or what you have. They are used...

Full definition >
Open Finance (OpenFi)

OpenFi, short for "Open Finance," is a financial framework that integrates traditional finance (TradFi) wit...

Full definition >
Rollups-as-a-Service (RaaS)

Rollups-as-a-Service (RaaS) allows builders to build and launch their own rollups quickly. RaaS providers d...

Full definition >
Data Availability Sampling (DAS)

Data Availability Sampling (DAS) is a method that enables decentralized applications to verify the availabi...

Full definition >
Multiple Data Availability (MultiDA)

This blockchain architecture uses more than one data availability (DA) service to ensure data redundancy.

Full definition >

Related Articles

Easy
Crypto News
Ransomware Attacks Are Falling, But a Different Crypto Crime is Surging
The cybersecurity firm SonicWall says incidents of cryptojacking have surged by 30%, and experts believe this is a sign that some ransomware operators "are ready for a quieter life."
By Connor Sephton
2yr ago
2m
Easy
Crypto News
The 10 Worst Crypto News Stories of 2020
Hacks, lawsuits, arrests, scams and scandals: These are the 10 worst stories of 2020.
By Decentralized Dog
3yr ago
5m
Easy
Blog
Unlocked 101 Quiz: Test Your Knowledge and Become the Ultimate Crypto User
With this quiz by Coindesk's Unlocked 101 series x CoinMarketCap Academy, you can find out if you are really the ultimate crypto user!
By Bailey Reutzel
3yr ago
1m