Cryptojacking Explained | How It Works and How to Prevent - Coindoo

Cryptojacking Explained | How It Works and How to Prevent

Editorial Team Avatar
Jan 13, 2019
5 min reading time

What Is Cryptojacking?

Cryptojacking is when a device is being used to mine cryptocurrency without the user’s consent after being infected with a malicious mining script. There are multiple scenarios in which one call fall a victim of this practice. It can be very easy to accidentally download malicious code from an apparently safe website or a free content management system.

This form of hijacking occurs only when you are browsing the internet and access a website that is cryptojacking inexperienced internet users. It script doesn’t even need to be downloaded or clicked to work, it just requires the user to browse the malicious website.

This is because there are plenty of websites that are infected with JavaScript code. Coinhive is the most used mining code for in-browsers because it is easy to deploy and can go untraced. Even specialized plugins may fail to detect sites that have been infected with Coinhive. Actually, nearly 82 percent of infected sites go unnoticed.

Cryptojacking represents one of the most serious threats the cyber world is facing, with one-quarter of all businesses already being affected. And the big businesses are not the ones that are even being targeted. Not even cryptocurrency exchanges, ICOs, or even crypto owners are the ones they are aiming for. It’s the average user that has a mobile phone, personal computer, server, or even IoT device, which can get cryptojacked just about anywhere, at any time.

How cryptojacking works

Hackers basically have two ways of getting in a victim’s computer and exploiting its computing power to mine cryptos. The first one involves tricking the victims into loading cryptomining code onto their computers. This is achieved through phishing methods in which the victims receive a legitimate-looking email which contains a link that they are told to click on. The link then runs a code which injects the cryptomining script on the computer. The script then runs in the background while the computer is on.

The second method involves injecting a script on a website or an ad that is sent to multiple websites. Once the victims enter the website or the infected ad pop-ups in their browsers, the script then executes automatically. The code is not kept on the victims’ computers. Regardless of the method used, the code performs complex mathematical problems on the victims’ computers and sends the mining rewards resulted from the process to the hacker’s server.

Hackers will often employ both methods to increase their returns. For instance, out of 100 devices that mine cryptocurrencies for a hacker, 10 percent might be producing income from code on the victims’ machines, while 90 percent can mine via web browsers.

But contrary to most other types of malware, cryptojacking scripts do not touch the victims’ data which is stored on the computer. They only use the CPU’s processing resources. For individual users, a computer working slower than usual might be just an annoyance. But organizations with many infected systems can lead to real costs generated by the help desk and IT time used to find the performance issues and replace the hardware or systems in the hope of solving the problem.

How to Avoid Cryptojacking

There is no clear law that defines whether cryptojacking is legal or illegal, but the method is not ethical by any means as internet users have their resources taken away without their consent or receive any incentive.

Cryptojacked victims usually will notice that their devices will be low on battery quite fast, or their devices will heat up fast while some will observe that their CPU power utilization will be higher than usual. By entering your task manager, you can check your CPU utilization to check if you are being cryptojacked.

There are some security practices and plugins that you can use to avoid being a victim of in-browser cryptojacking:

  • Never click on a link in an email.
  • Turn off your JavaScript in the browser.
  • You can run anti-phishing software, antivirus, and adblockers for chrome extensions like No Coin or MinerBlock.
  • You can run specific script blockers such as NoScript or uBlock.
  • Think of using more privacy-centric browsers such as Brave.

Major Cryptojacking Incidents

One of the biggest cases of cryptojacking to ever happen is when the Shominru mining botnet infected over 500,000 hardware devices. Windows’ servers were the ones targeted, and over $3.5 million worth of Monero were mined by the victims.

Another high-profile cryptojacking incident was the Siacoin Internet Cafe hack when Chinese hackers mined over $800,000 million in Siacoin by infecting internet cafes with the mining script. 


There have been millions of users that have fallen victims to cryptojacking and thousands of websites have also been attacked. You cannot be completely protected against this threat, but the best thing you can do is to have good security practices and educate yourself so you can identify such attacks before they take over your device.

* The information in this article and the links provided are for general information purposes only and should not constitute any financial or investment advice. We advise you to do your own research or consult a professional before making financial decisions. Please acknowledge that we are not responsible for any loss caused by any information present on this website.
Press Releases