Cryptojacking: beware, hackers steal your money without your knowledge


Last updated: July 16, 2022

Le cryptojacking recently made the headlines when the press revealed that thousands of Anglo-Saxon sites, including government-owned sites, have been infected with this new plague. With the rise of bitcoin and cryptocurrencies, expect this type of fraud to flourish. So in the face of this new threat, it's time to see this what is cryptojacking and how to protect yourself against it.

The origin of cryptojacking

In September 2017, a company, CoinHive, unveiled a new JavaScript program. This code, intended for webmasters, allows, once installed on a website, to use the computing power of the site visitors' computer to mine crypto-currencies (see how Bitcoin works). This way webmasters can monetize their site without resorting to unwanted display of advertisements. The Pirate Bay, the famous torrent download site, was one of the first major sites to test this new technology.

The pirates quickly seized this novelty

This bold and legitimate concept very quickly inspired hackers. Indeed, they quickly had the idea of ​​hacking websites to inject this code and mine crypto-currencies for their own account and without the knowledge of webmasters and their users. This method has a lot of advantages for cyber criminals:

  • It is relatively simple to implement and requires few resources.
  • It is practically untraceable. The most commonly mined cryptocurrency is Monero which is recognized in the cryptosphere as the most advanced currency in the area of ​​anonymity protection.
  • Fraud is often undetectable.

The impact of cryptojacking on Internet users

When you visit one of these sites through your browser, your computer or mobile is requested to mine cryptocurrencies (which consists of performing complex mathematical operations). These additional calculations can then slow down the operation of your computer but above all significantly increase energy consumption and therefore increase your electricity bill. However in most cases, and depending on the hacker's greed, these operations are imperceptible to a normal user.

How to protect yourself from cryptojacking?

Manual detection

When your PC faces a cryptojacking attack, it will use these resources to carry out mining operations and therefore put your hardware, and more precisely your processor, to work. You can therefore consult, under Windows, the use of your CPU, by pressing the keys ctrl + shift + Esc and clicking on the performance tab. If you are seeing a sudden increase in your CPU then it is likely that you are facing an attack.

Also without even consulting the performances, the overheating your computer et the noise of your fan are surefire indicators, so if he starts whistling frantically, you might suspect an attack.

To end cryptojacking, you just need to leave infected web page.

Block malicious script

Cryptojacking requires a script to be loaded to work, so all you have to do is forbid it to be loaded to be safe. The best Ad blockers are now able to identify and block the loading of these scripts in your browser. There are also plugins on Chrome like Nocoin or Antiminate which will prevent mining through your browser.

I encourage you to take all precautions to avoid falling victim to cryptojacking. Even if it is unlikely that this technique can irreparably damage your PC or mobile, it can certainly eat away a few euros or ten euros on your electricity bill each month and what's more it is a real disaster for the autonomy of your device.