How cryptocurrency mining works
To understand what cryptojacking is, we first need to understand how cryptocurrencies are created. Cryptocurrencies are based on blockchain technology, which makes it difficult to forge financial transactions.
How do crypto transactions work? Instead of a bank verifying your transaction, it’s done by a network of computers. They record the sender’s and receiver’s bitcoin addresses and the amount that needs to be transferred. This information is then entered into a ledger where multiple computers can verify the transaction.
The computers that are responsible for the verification are called crypto miners. They put transactions into blocks that are then added to the blockchain. However, they are only accepted onto the blockchain if correctly hashed. The computer needs to perform complex mathematical calculations to do so. This takes time and a lot of computer processing power.
So why would anyone want to become a crypto miner? Because you are rewarded with a bitcoin once the block is added to the blockchain. So yes, your computer could essentially be making you money without you lifting a finger. However, it’s not that simple.
The blockchain is designed so that only a limited number of bitcoins can be released regularly. This means that the more people mine bitcoins, the more difficult it becomes and the more computing power you need. When bitcoins were launched in 2009, it was possible to use your laptop to mine crypto, but not anymore. If you want crypto mining to be profitable, you need racks of advanced hardware that can cost thousands of dollars.
Or, if you’re an unscrupulous hacker, you could hijack thousands of computers to do the work for you.
What is cryptojacking?
Cryptojacking is an unauthorized use of someone’s device to mine digital currency. By using a huge network of computers, hackers can mine crypto while using their victims’ electricity, devices and computing power to increase their profits. Victims might not even notice that their device is mining crypto. The only signs may be slower performance and overheated devices.
There are two ways hackers can cryptojack your device:
- Crypto mining malware. Hackers might use phishing tactics to trick you into clicking on a malicious link or download a malicious document hiding crypto malware. This type of malware is difficult to detect and can run a cryptojacking operation in the background without you even noticing it.
- Browser-based cryptomining scripts or drive-by cryptomining. With this approach, a hacker inserts a malicious piece of code into a web page. Their script is automatically executed whenever the website is loaded. Nothing is stored on your computer, but you are now mining crypto for as long as the web browser is open. Some websites might have secret pop-unders that will hide underneath your taskbar even after you close your browser. Hackers might also hide malicious scripts behind web ads. The code is executed when the ad pops up.
Why do hackers love cryptojacking?
- Easy money. They don’t need to use their own devices or computing power. This means they are reaping the benefits for a fraction of the cost. Instead, infected users will suffer from higher electricity bills and overloaded devices that might need repairs sooner than expected. You won’t notice that your device is being used for cryptojacking until it’s too late.
- Minimum risk. It’s hard to notice that your device is infected as the code runs in secret. The cryptojacking takes place behind the scenes, without disturbing your normal usage. It’s also hard to track the hackers, especially with anonymous cryptocurrencies like Monero and Zcash. Victims also rarely want to do so as their data is rarely stolen or compromised.
- Better success rate. Hackers prefer cryptojacking over ransomware because it guarantees a steady flow of money. With ransomware, only a few victims might pay the ransom. With cryptojacking, all of the infected computers generate money.
Is there anything you can do?
Detecting cryptojacking on your device can be very difficult. It’s designed to be as stealthy as possible. However, the most common symptoms of crypto malware are:
- Device response time has suddenly increased.
- High CPU usage. It may even seem like a legitimate programme is consuming all the power.
- Your device is overheating or the fan is always on.
However, there are a few things that may help you prevent or detect cryptojacking malware.
- Learn to recognize phishing. It’s one of the most common ways hackers infect your device, commandeering it to use in a cryptojacking scheme.
- Use adblocking or anti-crypto mining browser extensions such as AdBlock, No Coin or MinerBlock. This will make it harder for cryptojacking criminals to infect your device in the first place.
- Use NordVPN’s Threat Protection feature. It will scan files you download for malware so it becomes difficult for cybercriminals to install malware on your device. It will also block your access to malicious websites, minimizing the threat of phishing.
- Practice good internet behavior. Don’t click on suspicious links, don’t download suspicious documents, and try not to visit untrusted websites. There are any number of ways in which cryptojacking malware could be delivered.