Credit: Javardh
'Cryptojacking' is a term used to describe the action of secretly using a computer to mine cryptocurrency.
The original form of cryptojacking would involve the victim unknowingly installing software on their computer that would run in the background, solving algorithms.
to generate units of a cryptocurrency that would go back into the wallet of a hacker.
However, this particular type of attack has evolved to the point where it no longer needs a program to be installed - you can be cryptojacked simply by visiting a website in your browser.
We’re going to explain more about what cryptojacking is and how you can avoid it happening to you.
How does cryptojacking work?
The original form of cryptojacking is similar to any ‘standard’ malware attack. A user will be tricked into installing malicious software on their computer which will then have access to their system.
With cryptojacking specifically, this software will quietly take a portion of your computer’s processing power and use it to solve complicated algorithms. When these algorithms are completed units of cryptocurrency are deposited into a wallet, usually, one associated with the writing of the program.
There is a slightly positive side to this, as these programs are designed to be discrete and stealthy to avoid detection and so you shouldn’t notice any change in your computer at all if you have one - so at least this particular brand of malware isn’t going to make your computer inoperable as some others do.
In-browser cryptojacking
The more alarming part about cryptojacking is that it can be done in-browser and doesn’t require a download or installation. Simply visiting a website will result in the code automatically running and using your computer’s resources.
The scripts that allow the cryptojacking to take place are buried within the Javascript on the website, and as JavaScript is found on almost every website it can crop up almost anywhere.
Interestingly enough, this method has been cited as a potential replacement for display advertising - so rather than seeing a bunch of advertisements on a website, it will instead use a very small percentage of your CPU to complete algorithms while you’re viewing the page.
This would, of course, have to be something you’d need to agree to, but there are a few websites that will just do it without asking for your consent and this is what is known as in-browser cryptojacking.
How to avoid cryptojacking
Avoiding local cryptojacking (from software that has been installed on your PC) follows the same process as avoiding any other malware or virus, and we have a guide to avoid this by keeping yourself safe online just here. If you think you may already have malware on your computer then we have a guide for what to do next, too.
Getting a good antivirus is always essential and something everyone should have, make sure you check our best antivirus deals.
Avoiding cryptojacking from a website is going to be more challenging unless you want to go digging in the source code each time you load up a web page. If a website is limiting the number of resources it is drawing from your computer then you shouldn’t notice much change, but if it’s trying to draw as much power as possible then you could notice your device’s performance becoming sluggish or the fan speed increasing.
You can download a cryptojacking blocker to stop any of these scripts running in your browser. This blocker will take the form of a browser extension and stop any websites using your computer for cryptocurrency mining.
If the whole cryptocurrency scene is still a bit of a mystery to you (and who could blame you) then take a look at our article where we do our best to explain it.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.