Cryptojacking: How Hackers Mine Cryptocurrencies

This approach to mining digital currencies lets the hacker sidestep the expenses associated with purchasing high-end equipment, electricity costs, and the fees associated with participating in mining pools. Instead, the hacker leverages the resources of unsuspecting users to boost their own crypto wallet balance at their expense. 

Cryptojacking software is notoriously difficult to detect. However, certain symptoms may indicate a device is infected:

These symptoms should be considered, especially if the device is not otherwise burdened with heavy tasks, like running games.

The primary method of cryptojacking attack involves the use of malicious software. For a user to download and install such malware, a simple click on a contaminated link is sufficient. The process typically unfolds without any pop-up windows or notifications, leaving the victim unaware. A mining script for a specific cryptocurrency quietly installs itself on the computer and utilizes its computational resources. This operation continues in the background until the hardware fails or the malicious software is detected and removed.

BadShell serves as an example of a cryptojacking software. It is disseminated without any discernible files and requires no installation, parasitically operating within the internal processes of Windows, thus making it difficult to identify. Other commonly used hacking software for such purposes includes FaceXWorm, Black-T, and WannaMine.

Another prevalent method of stealing resources for mining cryptocurrencies involves embedding an infected segment of JavaScript code into frequently visited websites. When visitors land on such a site, their computational power is exploited for cryptojacking purposes.

The pinnacle of computational power theft through browsers was observed in 2017-2018. During this period, hackers exploited the legitimate Coinhive mining pool to mine the anonymous cryptocurrency Monero. High-profile sites like the reputable American newspaper Los Angeles Times, the European Water Information System (WISE), and political fact-checking site PolitiFact fell victim to these attacks. This led to the eventual closure of the mining pool in 2019. 

A notable example of software cryptojacking occurred in 2013-2014 on the Yahoo! website. Over the course of a year, it hosted advertisements infected with BTC mining malware, resulting in over 2 million users being affected.

Cryptojacking can also be initiated through malicious links in emails. For instance, in 2014, a Harvard professor sent an email to other university staff that contained a link to a cryptojacking software. The professor exploited the computational resources of their computers to mine Dogecoin.

One might think this issue is no longer relevant, but statistics tell a different tale. According to SonicWall's report on cybercrimes, there were 139.3 million cryptojacking attacks recorded in 2022, a significant increase from 97.1 million in 2021. The rise was most pronounced in the US, with a jump of 41%.

Individual users can shield their computers from cryptojacking by deploying reliable antivirus software. Besides that, installing a program to ward off unsolicited downloads and a browser extension for blocking ads can provide added security. It's also important to carefully examine links in emails before clicking on them.