Cryptojacking Is the Sneakiest Scam in the Crypto industry. Learn How to Protect Your Computer From Getting Infected.

Cryptojacking works a little differently from other crypto scams, primarily because it can occur without the victim even knowing they’ve been attacked

If this has sparked a little anxiety, don’t worry. There are a few clear signs that indicate a computer has been exposed, along with several safety methods for fending off malicious cryptojackers

Before we learn how to stay protected, though, let’s first see how crypto jacking actually works and what the perpetrators’ end goal is

Table of Contents

• What is Cryptojacking?
  • The Origins of Cryptojacking
  • What Is the Goal of Cryptojackers?
• How Does Cryptojacking Work in Practice?
  • Drive-By Websites
  • Malvertising
  • Browser Extensions
  • Phishing Emails
• Best Methods for Avoiding Cryptojack Scams
• Signs of a Cryptojack: Is Your Computer Infected?
• How Big of an Issue Is Cryptojacking?
  • On the Flipside
  • Why This Matters
  • FAQs

What is Cryptojacking?

Cryptojacking is a cybercrime in which a malicious actor uses a person’s personal device to mine crypto tokens without the victim’s knowledge or consent

Just to be clear, mining is the process of securing or verifying new blocks of transactions that enter a blockchain in exchange for rewards. Usually, cryptocurrency miners on the blockchain do the ‘work’ and are rewarded for doing so, but cryptojackers will try to use a person’s computer to achieve this without doing the honest work themselves.

You can think of it in a similar way to carjacking. The biggest difference is that, rather than physically stealing a person’s computer, cryptojackers will infiltrate a device by implanting it with a special cryptojacking script or code.

Once this code is in place, it will begin mining in the background, hidden from the victim’s site. The rewards will be delivered back to the hacker’s wallet

The Origins of Cryptojacking

Believe it or not, there was once a time, in the early years of crypto, when certain web pages would ask visitors permission to mine coins on their behalf while they remained on the site

This was essentially seen as a way for readers to ‘compensate’ the web publishers by allowing them to extract some tokens, but as soon as the visitor left the site, the mining would stop

However, malicious scammers didn’t take long to notice this. Very soon, permission stopped being asked, and the mining continued long after the victim returned to their usual business

Things only got worse when scammers began tinkering with the coding of mining websites. Coinhive is a notable example that, at one point, was the source of over two-thirds of all crypto jacking attack attempts

This would result in an oncoming wave of cryptojacking crimes that, unfortunately, are still very prevalent today

What Is the Goal of Cryptojackers?

Mining requires a hefty rig, plenty of computing power, a lot of CPU (central processing unit) usage, and a whole lot of electricity, making it a pretty expensive business

As a result, the crypto that miners are rewarded often results in them making a small to average profit. Cryptojackers are people who don’t want to buy all of the pricey resources and would rather piggyback off someone else’s hard work to secure coins for themselves

To put it simply, the endpoint is making as much profit as possible from one person before jumping to the next and repeating the same process as part of a malicious cycle

How Does Cryptojacking Work in Practice?

Now that we’ve covered the basics of crypto jacking, let’s uncover how these fake miners implement a crypto jacking code onto a person’s private device

Drive-By Websites

These websites aren’t malicious by intent but have been infected by JavaScript from a cryptojacker. Once the code is in place, anyone who clicks on the site can be automatically infected, meaning the victim’s computer will start mining without them knowing

Sometimes, a website might ask a visitor to download a specific app to gain access, which can similarly be a ploy to insert the crypto mining script onto a computer

It should also be noted that these sorts of attacks can also target mobile phones. Though they have much less processing power, being able to infect them en masse can create a formidable mining army for the scammer to use

Either way, these ‘drive-by’ attacks, as they’ve come to be known, are a common technique used by cryptojackers. Rather than infecting a website, they sometimes aim for something a bit smaller and more obscure, like an advertisement.

Malvertising

Cryptojackers can insert their mining code into a fake advertisement on a completely harmless website. This is commonly known as Malware, in reference to the types of Malware being used

Since the website itself isn’t sponsoring these ads, they tend to appear as pop-ups or in small and obscure windows

Upon clicking on the ad, the malicious code will either infect the computer immediately or after the victim has agreed to download a specific app the advertisement directs them to

Browser Extensions

Crypto mining code can even extend into browser-based extensions, especially those added to app stores since it’s much easier for scammers to upload them here rather than create an entire website

When a person agrees to download one of these extensions, they will begin downloading the code necessary for the hacker to use their devices for mining purposes before soaking up the CPU’s energy once the mining is underway

It can be very easy to fall into this trap because of how authentic the extensions can seem. For example, in 2019, it was revealed that two popular extensions for Google Chrome secretly contained mining coding, much to the surprise of thousands of users

Google Chrome announced in April 2018 that it would be banning all extensions designed to mine cryptocurrency, making Chrome safer. However, some fraudulent extensions have still managed to slip through the cracks

It’s still worth noting that no browser is entirely protected from this type of attack, so switching to a different one won’t guarantee that they will disappear

Phishing Emails

Some hackers use a slightly different method to start their mining escapade: they contact the victim through a phishing email

These emails often present as new opportunities or unexpected giveaways, prompting the recipient to click on a link or an attached file. Of course, doing so will begin the mining process, even if the link leads to a dead end

As the New Jersey Cybersecurity and Communications Department noted, most of these emails will contain buzzwords like “Purchase” and “Sales” to grab readers’ attention. They may also include a “RE:” to trick the recipient into thinking they’d communicated with the scammer before

Best Methods for Avoiding Cryptojack Scams

As we’ve just seen, cryptojackers can be pretty creative in their methods, but thankfully, investors can help protect themselves in a few ways

• Use Anti-Malware Software: Anti-malware software can protect a computer against disruptions and attacks. Norton, McAfee, and Total AV are a few of the most popular anti-malware services available today
• Update Web Browsers: Browser updates tend to also include security fixes that can bolster protection against cryptojackers. Additionally, some popular browsers offer extensions specifically made to shield against cryptojackers, including minerBLOCK, No Coin, and Anti Miner
• Avoid Suspicious Emails: If a scammer is trying to infiltrate your computer via email, check for spelling mistakes, if the subject line seems suspicious, and whether the address is verifiable. All of these can be dead giveaways of a phishing email
• Download Ad-Blockers: Malicious ads are one of the most common methods scammers will use to access a device, so keeping a reliable adblocker on deck can negate this kind of attack. AdBlock Plus, AdLock, and Ghostery are some popular examples
• Protect Public Servers: If you host public servers, cryptojackers can target them as an easy infiltration method. Regular patching, switching off unused services, or even closing down the server altogether if you’re not using it actively are ways to protect against an unexpected attack
• Block Cryptojacking Sites: Some web browsers allow users to block a website or even create a list of sites they want to avoid. Do a little research beforehand, and if you find that people online are highlighting specific sites, then it can be best to block them so that you don’t accidentally fall for their trap

Signs of a Cryptojack: Is Your Computer Infected?

Though cryptojackers will aim to conduct their mining operations without the victim’s knowledge, there are still some telltale signs that a device might be corrupted

• Slow Performance and Lag: Mining crypto heavily affects a computer’s resources, especially the GPU and CPU. Suppose the device seems slower than usual, especially for basic activities like checking email. In that case, it’s worth heading over to the activity center to see whether the computer is under heavy stress and whether it’s due to a mining code running in the background
• Browser Not Turning Off: Cryptojackers can create their own browser window to facilitate mining, even if the main browser has been closed. If you fully close down the browser but notice that it isn’t disappearing from the toolbar and is also using up a lot of energy in the activity monitor/task manager, then it could point to a cryptojacker
• Warm Device: If you approach a device and notice it’s already warm, it indicates someone has been using it without your consent. In serious cases, this can lead to a computer overheating, especially if it’s only built for work or gaming, rather than mining
• High Cloud and Electricity Bills: If a cryptojacker gets a hold of a person’s cloud credentials, they can use these resources to assist in mining. As we already know, mining can ramp up electricity costs, so to be safe, it’s worth double-checking whether the bills for the two seem a little higher than they should be.

If you suspect your device has been exposed, you may be able to uninstall or delete the code or program if you find it in time. You can also order an antivirus tool to issue a full computer scan to ensure all protection shields are up and running

How Big of an Issue Is Cryptojacking?

The crypto industry has seen its fair share of scams, cyberattacks, and hacks over the years, but how prominent is crypto jacking in the end?

Unfortunately, the statistics indicate that it’s one of the most popular methods used by fraudulent hackers in the entire industry

According to Statista, there were 57 million crypto jacking attempts in 2018, and the number rose to almost 140 million by 2022, a 43% increase from 2021

SonicWall’s 2024 Cyber Threat Report similarly indicated that the number of cryptojacks in 2024 had risen by a staggering 650% since 2023

Though the issue doesn’t seem to be dying down, thankfully, crypto community members are always finding new ways and taking active measures to help protect against these cyber criminals

One example is the shutdown of Coinhive. Its JavaScript code was regularly manipulated by cryptojackers, but when it shut down in 2019, site infections dropped drastically, proving that pushing back against these immoral scammers is possible

To be on the safe side, though, deploying the safety measures we’ve already covered, especially paying close attention to your computer and its resource usage, can minimize the threat by a sizable amount

On the Flipside

• While cryptojacking remains a prevalent issue, pump-and-dump schemes are arguably the most prevalent scam in the world of digital currency right now.
• This method of artificially inflating the price of an asset can dupe hundreds or even thousands of crypto users at once, and therefore, an issue that every investor needs to be aware of.

Why This Matters

While most scams can be detected at a moment’s notice, crypto jacks can linger on a computer for a very long time and can, therefore, extract massive sums of tokens at the victim’s expense.

Therefore, it’s very important to be aware of how crypto jacking works so that you can stay protected and know how to check your device for any suspicious behavior

FAQs

Can You Mine Crypto on Ethereum? Because Ethereum (ETH) moved to the Proof-of-Stake algorithm in 2022, it doesn’t include mining like the Bitcoin (BTC) blockchain

Can Cryptojacking Affect Smartphones? Yes, cryptojackers can infiltrate mobile devices using the same methods that they use for desktops. However, hackers tend to prioritize the latter because these devices lack the same power as computers or laptops

.social-share-icons { display: inline-flex; flex-direction: row; gap: 8px; border-radius: 8px; border: 1px solid #dedede; padding: 8px 16px; margin-bottom: 8px; }

.social-share-icons a { display: flex; color: #555; text-decoration: none; justify-content: center; align-items: center; background-color: #dedede; border-radius: 100%; padding: 10px; }

.social-share-icons a:hover { background-color: #F7BE23; fill: white; }

.social-share-icons svg { width: 24px; height: 24px; }

DailyCoin’s Vibe Check: Which way are you leaning towards after reading this article?

Bullish Bearish Neutral

Market Sentiment

0% Neutral