What is Cryptojacking?

What is cryptojacking?

Cryptojacking is defined as the secret use of your computing device to mine cryptocurrency.

Cryptojacking used to be confined to the victim unknowingly installing a program that secretly mines cryptocurrency.

Here’s the bad news…

In-browser cryptojacking doesn’t need a program to be installed.

I found this out when Jascha, a Hacker Bits subscriber, emailed us about an article in Issue 22 that was doing in-browser cryptojacking.

Below, you’ll find out more about in-browser cryptojacking and how to protect yourself.

Big thanks to Shea Newkirk (aka The 'Stache), Jascha, Brian D. Colwell and Kyle Rea for reviewing earlier versions of this article!

How does in-browser cryptojacking work?

In-browser cryptojacking uses JavaScript on a web page to mine for cryptocurrencies.

JavaScript runs on just about every website you visit, so the JavaScript code responsible for in-browser mining doesn’t need to be installed.

If you think it’s nothing, think again…

You load the page, and the in-browser mining code just runs. No need to install, and no need to opt-in.

Currently (Nov 2017), in-browser mining is available for the Monero cryptocurrency.

Monero is a privacy-focused cryptocurrency started in 2014. It is one of the few cryptocurrencies that supports in-browser mining. 

A cryptojacking JavaScript web page uses your computer to mine for cryptocurrencies. 

Will you notice if a web page is cryptojacking?

It depends.

If the mining is being throttled to stay below a certain threshold, you may not notice any performance degradation.

If the mining is not being throttled, you will likely notice some impact on performance. 

After Jascha’s email, I navigated to the article and noticed my laptop fan whirring loudly.

My laptop fan starts whirring whenever the CPU usage jumps up from my normal CPU usage, so I was definitely suspicious.

What devices are affected?

In-browser cryptojacking can happen to any computing device that can run JavaScript. This means your desktop, laptop and even mobile device could be potential targets for in-browser cryptomining.

Is it dangerous?

Once again, it depends.

If you’re on a desktop or laptop with lots of processor speed and memory, you might not even notice in-browser cryptojacking.

On the other hand, cryptojacking on a mobile device like a phone or tablet could be a significant drain on your battery. 

What sites do cryptojacking?

Although some of these sites have removed the cryptojacking code, here are a few sites that were reported for cryptojacking:

How do you protect yourself?

The simplest way to protect yourself is to install a browser extension that blocks a list of domains associated with cryptojacking code.

NoCoin is currently the most widely installed extension. Rafael Keramidas, the extension author, created extensions for both Chrome (over 225K installations) and Firefox (close to 20K installations).

NoCoin seems to have one of the most comprehensive blacklists with at least 5 known contributors.

Maybe one day the capability to block cryptojacking will be built into the browser.

If this interests you, make sure to checkout this thread from the folks at Chromium: 766068 – Please consider intervention for high cpu usage js.

Want to know more about cryptocurrencies?

Checkout Cryptominded for a curated collection of some of the best cryptocurrency resources. The Starters’ Guide is fantastic.

If you’re okay with being cryptojacked and like living on the edge, you can also checkout Issue 22. The link to A Guide to Crypto Currencies is also a great guide. 

About the Author

Ray Li

Ray is a software engineer and data enthusiast who has been blogging for over a decade. He loves to learn, teach and grow. You’ll usually find him wrangling data, programming and lifehacking.

Comments 3

  1. Pingback: Websites in Vancouver and Canada among 1000s cryptocurrency mining through users’ computers | sqwabb

  2. Pingback: Homeless in Vancouver: Canadan websites among thousands mining cryptocurrency via users’ computers | Ethereum Blog

  3. Pingback: Cryptojacking & Crypto-coin miners – PANKOV

Leave a Reply

Your email address will not be published. Required fields are marked *

15 + 8 =