Exploring today's technology for tomorrow's possibilities
What is Cryptojacking and How to Stop an Attack
August 24, 2021
Reading time: 7 minutes
There are widespread implications to the continued growing interest in cryptocurrency and blockchain technology, and they go beyond the potential use of digital money and how it’s mined. Unfortunately, hackers expanded into illicit cryptomining through a new type of attack called “cryptojacking” malware.
In this article, we’ll explore exactly what cryptojacking is, including how hackers find ways to co-opt your hardware, how you can detect cryptojacking, and how to resolve any issues you may experience.
What is cryptojacking?
Cryptojacking (sometimes written as “crypto jacking”) is an emerging online threat that uses malicious code to trick your computer into mining digital currencies for someone else. According to Interpol, cryptojacking covers any activity that “secretly uses a victim’s computing power to generate cryptocurrency.”
In other words, these web jackers don’t use their own resources to build their digital wallet, they use yours, which saves them money on the hardware investment and energy commitment (no big electricity bills to worry about!). They target a number of personal computers – like yours – to build a distributed network, rather than build a large-scale cryptomining enterprise, which requires a lot of space, hardware, power, and supervision.
How does cryptojacking work?
Threat actors have a variety of ways to access your device and secretly install malicious cryptomining scripts.
The most common methods are very similar to other forms of malware, which sneak into your PC through online interactions, especially through web browsers and email clients. Simply clicking a bad link in a scam email or on an unfamiliar website is enough to let a cryptojacking script into your system.
There are also different types of cryptojacking, which have two primary methods of infecting your device. The first involves traditional malware and malicious link scams, and the second uses an open web page to co-opt resources while you’re on the site. The latter is often more challenging to identify and stop.
Why are cryptojacking attacks so common?
Cryptojacking attacks are common because it’s a safe method for hackers to gain access to your resources. It also has a big profit potential compared to the risk. As opposed to typical malware that steals your information for a direct attack on your data and accounts, cryptomining malware uses your PC’s resources to mine for digital money.
Victims are often unaware and the scripts are difficult to track, which makes it hard to track an attack. That means it’s primarily up to victims to manage the threat independently. Let’s look at some of the clues you can use to identify a cryptojacking attack on your system.
How to tell if your device is infected
Since cryptojacking depends on your hardware to mine new currency, it is easiest to detect through physical indicators on your device. Two crucial signals are energy usage and overall usage, but here’s what else you should take seriously.
1. Reduced performance during normal use
Using computers to mine cryptocurrencies requires a lot of energy and processor power. CPU usage is heavy, which means your computer will struggle to mine cryptocurrency effectively if it’s performing other tasks. That’s why legal mining often depends on dedicated hardware, rather than a PC you use daily for work or play.
You must watch out for reduced and erratic performance, especially when using less resource-intensive software. Simply checking your email or scrolling through a spreadsheet is not enough to cause most personal computers to struggle, so if you do experience serious slowdown, you may want to investigate further.
2. Overheating and excessive cooling activity
Heat regulation is a much bigger challenge for infected devices. In addition to running slowly, your device may actually become hot to the touch, especially ventilation points and areas near critical components. If your computer is older or you have your own cooling solution setup, you may notice excessive fan noise or system activity.
This will have many short-term consequences, including damage to internal hardware and erratic behavior (errors, slowdowns, etc.). It leads to further wear on components, which is often a root cause of reduced performance over time. Cryptojacked or not, overheating on your device is a sign that something is wrong, so it’s important to find out why it’s happening sooner rather than let it continue.
3. Decreased battery life and charging capabilities
By splitting your resources with a cryptojacking script, your computer places a bigger strain on its energy sources.
If your computer is plugged into an outlet, this means you’ll spend more on electricity. And if you’re using a laptop or notebook, this means the battery won’t last as long away from a power source. If you’re using a brand-new device and its battery is losing its charge much sooner than it should, it may be compromised.
You may also notice a delay when you try to recharge the battery. Since some cryptojacking code can hide itself by operating when you aren’t using your computer, it doesn’t matter whether you’re active or not. Malicious cryptomining can take place even when you’re not logged in.
4. Signs of activity outside of regular use
Cryptojackers, and their cryptomining malware, are becoming increasingly sophisticated. One of the more recent and difficult to detect varieties involves hiding malicious activity when you’re actually using your device. The script may only activate when you close all your tabs and apps, or it may be programmed to stay below a certain percentage of CPU usage.
This makes it all the more difficult to tell if you’re the victim of a cryptojacking script, because there are fewer visible opportunities to detect an intrusion. However, if your computer is already warm before using it or after a short break, you may be dealing with cryptojacking or another type of malware.
How to stop cryptojacking
The best way to shield your device against cryptojackers, or any type of malware, is proper oversight. What that entails depends on your typical usage, but there are several good rules of thumb that any user should follow.
If you need to protect additional devices at home or at work, consider talking to everyone else involved about the threat. You should also seek assistance from your company’s IT department or enterprise services to help you prevent cryptojacking.
1. Maintain your browser
For most users, browser maintenance only requires a couple of quick notes. First, make sure your browser is up-to-date so you have basic defenses against the most recent cryptojacking scripts. These updates can’t promise total protection, but they provide the most recent browser security changes.
Keep an eye on your browser extensions, too. Cryptomining malware is often packaged as apps or browser extensions that you may knowingly or unknowingly add to your system. Whether you use Microsoft Edge, Google Chrome, or another browser, be sure to research any unfamiliar apps – and promptly delete anything you didn’t download yourself.
2. Block known sources and coin jacking sites
Use your browser settings to block sites you know or suspect of using cryptojacking scripts. The roots of cryptojacking lie in software designed to passively mine cryptocurrency when a consenting visitor navigates to their website. In this scenario, cryptomining replaces pop-ups or embedded advertisements as a source of revenue.
If your browser supports blocking individual websites, you can keep a running list of no-go websites. You can typically add suspicious URLs to an index via the browser’s security or general settings. Your browser may even feature a dedicated extension for blocking.
3. Install anti-virus and malware prevention software
Installing, updating, and running a cybersecurity program on your device is the best way to minimize attacks. Some work passively, and others may require you to periodically run scans and apply new updates.
Here’s a quick rundown of 3 leading options:
McAfee Total Protection: McAfee has the best range of prices and coverage for the most devices. The $69.99 Ultimate plan currently supports unlimited device coverage, while the $24.99 AntiVirus Plus plan covers up to 10 devices.
Bitdefender: This is another popular option that users praise for its streamlined design, which means device management is easy. It’s available in a variety of plans with different add-ons, including hands-on support from Bitdefender technicians and security researchers.
Webroot: Webroot is available in different editions based on use, from the home to the workplace. There are 3 plans for home users, and Webroot specifically highlights cryptojacking in its onboarding material.
If you’ve used the same antivirus software for a long time, you may want to check the latest reviews and compare your options. A free or older service that was great at launch may no longer receive updates as often as you need them.
Who is most at risk from cryptojacking attacks?
The risk of cryptojacking is great for all types of users, but especially for professionals who lack the protection of a dedicated enterprise IT or security department. Gamers are also at an elevated risk, because they may mistake slower computer performance and overheating as signs of lackluster hardware.
The threat of cryptojacking is greater than ever, but most users can protect against it with a few additions to your browsing or maintenance routine. Or you can take some of the pressure off your agenda and upgrade to more comprehensive anti-virus protection. Direct support and affordable coverage is more accessible than you may think.
About the Author: Dwight Pavlovic is a contributing writer for HP Tech Takes. Dwight is a music and technology writer based out of West Virginia.
We are working to meet the current extraordinary customer demand for our products. Our website reflects current product availability but circumstances are dynamic. You may check your order status via our Track My Order page (Click Here to log in). We will send updates by email as soon as they are available. We greatly value your business and appreciate your ongoing patience as we work to get your order to you.
Prices, specifications, availability and terms of offers may change without notice. Price protection, price matching or price guarantees do not apply to Intra-day, Daily Deals or limited-time promotions. Quantity limits may apply to orders, including orders for discounted and promotional items. Despite our best efforts, a small number of items may contain pricing, typography, or photography errors. Correct prices and promotions are validated at the time your order is placed. These terms apply only to products sold by HP.com; reseller offers may vary. Items sold by HP.com are not for immediate resale. Orders that do not comply with HP.com terms, conditions, and limitations may be cancelled. Contract and volume customers not eligible.
HP’s MSRP is subject to discount. HP’s MSRP price is shown as either a stand-alone price or as a strike-through price with a discounted or promotional price also listed. Discounted or promotional pricing is indicated by the presence of an additional higher MSRP strike-through price.
The following applies to HP systems with Intel 6th Gen and other future-generation processors on systems shipping with Windows 7, Windows 8, Windows 8.1 or Windows 10 Pro systems downgraded to Windows 7 Professional, Windows 8 Pro, or Windows 8.1: This version of Windows running with the processor or chipsets used in this system has limited support from Microsoft. For more information about Microsoft’s support, please see Microsoft’s Support Lifecycle FAQ at https://support.microsoft.com/lifecycle
In-home warranty is available only on select customizable HP desktop PCs. Need for in-home service is determined by HP support representative. Customer may be required to run system self-test programs or correct reported faults by following advice given over phone. On-site services provided only if issue can't be corrected remotely. Service not available holidays and weekends.
Not all features are available in all editions or versions of Windows. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows functionality. Windows is automatically updated and enabled. High speed internet and Microsoft account required. ISP fees may apply and additional requirements may apply over time for updates. See http://www.windows.com.
HP Rewards qualifying and eligible products/purchases are defined as those from the following categories: Printers, Business PCs (Elite, Pro and Workstation brands), select Business Accessories and select Ink, Toner & Paper.My HP Rewards
*America’s most trusted printer brand: Based on 2022 semi-annual internal brand surveys commissioned by HP.
Help protect your printer and your data with Original HP cartridges: HP office-class printing systems are select Enterprise and Managed devices with FutureSmart firmware 4.5 and up, Pro devices, LaserJet models
The personal information you provide will be used according to the HP Privacy Statement