All About Cookies is an independent, advertising-supported website. Some of the offers that appear on this site are from third-party advertisers from which All About Cookies receives compensation. This compensation may impact how and where products appear on this site (including, for example, the order in which they appear).
All About Cookies does not include all financial or credit offers that might be available to consumers nor do we include all companies or all available products. Information is accurate as of the publishing date and has not been provided or endorsed by the advertiser.
The All About Cookies editorial team strives to provide accurate, in-depth information and reviews to help you, our reader, make online privacy decisions with confidence. Here's what you can expect from us:
- All About Cookies makes money when you click the links on our site to some of the products and offers that we mention. These partnerships do not influence our opinions or recommendations. Read more about how we make money.
- Partners are not able to review or request changes to our content except for compliance reasons.
- We aim to make sure everything on our site is up-to-date and accurate as of the publishing date, but we cannot guarantee we haven't missed something. It's your responsibility to double-check all information before making any decision. If you spot something that looks wrong, please let us know.
Cryptojacking is used by hackers to take over devices via malware and use the devices’ computing power to mine cryptocurrency. According to the European Union Agency for Cybersecurity (ENISA), cryptojacking is the third top cyber threat. ENISA also noted that cryptojacking reached a record high in the first quarter of 2021.
It can be difficult to spot cryptojacking because the malicious code is designed to work in the background and not be visible. However, there are some telltale signs. Keep reading to learn more about how cryptojacking works and how antivirus software can prevent it from infecting your devices.
How does cryptojacking work?
Types of cryptojacking attacks
Browser-based cryptojacking
Host-based cryptojacking
Cloud-based cryptojacking
How to detect cryptojacking
How to protect yourself from cryptojacking attacks
Cryptojacking FAQs
Bottom line
What is cryptojacking?
Cryptojacking is when miners use other devices’ processing power to mine crypto. Stealing the power of another device without the owner’s permission and then using it to generate currency is becoming more and more popular. Cryptomining in itself is legal, but cryptojacking is illegal.
Interpol lists the impacts of cryptojacking as primarily performance-related, but it can also affect the victim's electricity costs.
What is cryptomining?
Cryptomining is a broad term for mining cryptocurrencies like Bitcoin, Monero, or Ethereum. Cryptomining is the process of generating new cryptocurrency and validating cryptocurrency transactions.
Because cryptocurrency is completely digital, miners are needed to verify and secure blockchains. Miners work to open a new block on certain blockchains. When a miner figures out the answer to a cryptographic puzzle (known as the hash), they receive payment.
It's an incredibly difficult task, as cryptocurrency mining often involves large amounts of computer power, mining software, and mining hardware. This can easily cost several thousand dollars.
How does cryptojacking work?
Cryptojacking can target desktops, laptops, mobile devices, network servers, or any internet-connected device. Once a cybercriminal gains access to these devices, it runs a program to steal the computing power.
Cybercriminals usually gain access to a person's device or server through malware. It gets deployed in a variety of ways, such as a person using an infected website, downloading content, or clicking on a link in a phishing email.
These actions can trigger a cryptomining code getting loaded onto your device. This lets a mining script run in the background that can control your device. The script is designed to steal some or all of your device's computing resources and turn them into digital currency.
Cryptomining malware is more interested in stealing power than taking data or damaging devices. As with other types of malware, cryptojacking will run as long as possible before being detected.
Types of cryptojacking attacks
There are different types of malicious cryptomining that each target a different access point. Let's review the three tactics cybercriminals use to infect your device with cryptomining code.
Browser-based cryptojacking
Also known as drive-by cryptojacking, this involves a user visiting an infected website that will then add cryptomining code to the user's browser. Cybercriminals can place malware in ads, compromise an existing website, or create a website with cryptomining JavaScript code.
Host-based cryptojacking
Host-based cryptojacking focuses on social engineering tactics to succeed. A popular example is phishing emails. Cybercriminals will use social engineering to trick victims into trusting the email. It's common for attackers to pose as a trusted source, such as your boss. Then they will insert a malicious link in the email. Once opened, cryptomining scripts infect your device.
Some other methods that fall under host-based cryptojacking include malicious apps, open source code, or public application programming interface (API).
Cloud-based cryptojacking
Cloud-based cryptojacking is the most difficult to implement out of the three types, but it can provide the biggest payoff. If cybercriminals can access a cloud network, they can infect multiple devices including servers, infrastructures, and software supply chains. It's the biggest threat to the cloud since 86% of compromised Google Cloud instances were used for cryptomining. Cybercriminals will look for vulnerabilities or API keys to access the cloud service.
How to detect cryptojacking
Detecting cryptojacking is difficult because it is designed to work in the background and be completely invisible to the device's owner. But the symptoms will show up eventually. Here are some red flags that may indicate your device is being used for cryptomining:
- Poor device performance: What you might notice first is your device not performing at the same level as before or it may have a shorter lifespan. It may suddenly be very slow or your device may even shut down due to the lack of processing power. Cryptojacking can also affect your router. You may want to evaluate if your router has decreased productivity.
- Overheating: There are a lot of reasons why a device can overheat. But if you did everything possible to keep it cool, there could be something wrong with your device. You may want to check for cryptojacking if your batteries constantly overheat.
- High electricity costs: As with overheating, there could be many reasons why you suddenly had an unexpected increase in electricity costs. Cryptojacking uses a significant amount of energy to operate.
- Central processing unit (CPU) usage spikes: Possibly the most noticeable indication of cryptojacking is high CPU usage. Depending on your device, you may be able to check the CPU use from the task manager or activity monitor. If you have a low processing speed or high power usage, these may be signs of a cryptojacking attack.
If you suspect your device is being used for cryptojacking, then there are some actions you can take to remove it. First, you'll need to confirm your device has cryptomining code. You can use antivirus software to do a scan on your device.
Once the malware has been identified, you can start the process to delete it. Your antivirus software may be able to do this for you. You could also find the best malware removal to get rid of the unauthorized cryptomining code.
If this doesn't work, you might want to look into resetting your computer and reformatting the hard drives. However, this could potentially delete data.
How to protect yourself from cryptojacking attacks
It's much easier to prevent a cyberattack than to try to remove it. Here are some security measures you can implement to protect yourself from cryptojacking and other cybercrimes:
- Use a virtual private network (VPN). A VPN encrypts your Wi-Fi connection and hides your identity, making it more difficult for cybercriminals to target you online. Check out our guide to the best crypto VPNs for a list of apps designed to work with crypto exchanges — and accept crypto as payment.
- Monitor resources. Continuously check the processing speed and power usage of your devices. This can help you detect anomalies sooner rather than waiting for your laptop to get painfully slow to realize there is a problem.
- Install browser extensions designed to block cryptojacking. Because cryptojacking often targets your browser as an access point to your device, you may benefit from installing browser extensions to block cryptojacking efforts. Some options include Anti Miner and minerBlock. Always proceed with caution when downloading anything and ensure you selected an authentic and valid browser extension.
- Use ad blockers. Privacy-focused ad blockers are also useful in blocking the coin-mining process. Many cryptojacking efforts focus on exploiting ads placed on legitimate websites, so an ad blocker can stop these efforts.
- Keep software and operating systems updated. There are always new threats being developed, and software and operating systems frequently put out new updates to keep up with the threats. If you don't update, then you risk not catching malicious actors who can evade your security systems.
- Block malicious websites. Some webpages are known for delivering cryptojacking scripts. Your web browser may have a feature that will warn you if a page you're visiting could potentially contain malware. For example, Google Chrome has phishing and malware detection enabled by default. It will warn you if it has detected any suspicious activity on a website you're trying to visit. It may be good practice to heed these warnings.
- Perform regular antivirus scans. You'll want to use the best antivirus software to ensure your device is kept free from malicious software. You may benefit from frequently scanning your devices to ensure there is no malware or viruses.
- Educate yourself on scams. Staying updated on the latest cybersecurity threats is crucial to ensuring you can spot a scam. For example, phishing emails are often prone to grammatical errors, a sense of urgency, or misspelled email addresses. Taking your time to evaluate an email's authenticity can stop you from accidentally downloading malware.
- Consider disabling JavaScript. If you disable JavaScript, it can stop cryptojacking code from infecting your browser and device. However, it also stops websites from fully loading, which can impact your browsing experience.
Best antivirus to defend against cryptojacking
Antivirus | ||||
Best for | Best overall antivirus software | All-in-one software | Comprehensive security | Best value |
Starting price | $29.00/yr (first year only) | $35.99/first yr | $29.99/first yr | $3.19/mo (billed annually) |
Features | Zero-day scans, anti-phishing, ransomware protection, password manager, ad blocker, TotalVPN | Antivirus protection, VPN, password manager, security for multiple devices | Antivirus, malware, ransomware, and hacking protection, cloud backup, password manager, Norton Secure VPN | Antivirus protection, Surfshark VPN, private search engine, data leak alerts, ad blocker |
Learn more | Get TotalAV | Get Aura | Get Norton360 Antivirus | Get Surfshark Antivirus |
FAQs
What does cryptojacking do to computers?
Cryptojacking steals computers’ processing power. Because cryptojacking needs a significant amount of energy, it uses other people’s devices to generate enough power to mine cryptocurrency. It doesn't steal data or damage your computer, but it can slow down processing times and increase your electricity bill.
How do you spot cryptojacking?
You can spot cryptojacking by its signs such as poor device performance, low router productivity, overheating batteries, or an unexpected increase in your electricity bill. Sometimes it can be difficult to notice cryptojacking, as it's designed to run in the background and be undetectable. But being aware can help you spot the signs sooner.
How common is cryptojacking?
Cryptojacking is common and is listed as the third top cybersecurity threat, according to the European Union Agency for Cybersecurity (ENISA). ENISA also noted that cryptojacking reached a record high in the first quarter of 2021. Cisco also reported that more than two-thirds of customers were affected by cryptomining.
Bottom line
Cryptojacking is elusive and many people may not notice their device is running malicious code. Poor device performance is usually the most noticeable sign that something is wrong with your device. This can include operating slowly or randomly shutting off. When combined with other red flags such as overheating or a large electricity bill, you may want to run antivirus software to find and remove the cryptojacking malware.
Prevention is always better than trying to remedy issues. Staying alert and proactively protecting your data and devices can go a long way in stopping cybercrime. You should also consider getting antivirus software to prevent and remove malware.