What is Malicious Cryptocurrency Mining Malware?

Malicious cryptominers belong to the category of malicious code designed to hijack idle processing power of a victim’s device and use it to mine cryptocurrency. Victims are not asked to consent to such activity and may even be unaware that it is happening in the background.

What is malicious cryptocurrency mining malware?

Formerly, most malicious crypto mining code tried to download and run an executable on the targeted device(s). However, a different form of crypto mining malware has recently become very popular – in-browser mining that uses simple JavaScript. This method - also dubbed cryptojacking - enables the same malicious activity to be executed directly in a victim’s browser, without installing any software.

How to detect a crypto mining malware attack

Cryptocurrency mining and cryptojacking are associated with extremely high processor activity that has noticeable side-effects such as a reduced performance of their device, overheating, and increased fan activity which you may spot from increased fan noise.

On Android devices, the computational load can even lead to “bloating” of the battery and in some cases physical damage to, or destruction of, the device.

Similar problems may be caused by a variety of issues in hardware or software however, in the case of cryptojacking, they become apparent after the victim accesses a specific website - probably one that incorporates the crypto mining JavaScript code.

How can you protect yourself from a malicious crypto mining attack?

Use a reliable security solution to block unwanted crypto mining and cryptojacking activity. If you notice that accessing a specific website dramatically increases the use of your CPU, close the browser.

In some cases, a reboot may be necessary in order to close the hidden browser windows, which continue with the mining in the background. After the restart, don’t allow your browser to autoload the previous session, as this might re-open the cryptojacking tab.

A brief history

Malicious cryptocurrency mining became prevalent in 2017, mostly due to the increase in value of various cryptocurrencies. Older variants of such malicious code were typically intended to infiltrate the victim’s device and install the mining software. In September 2017, a new cryptocurrency mining service was made available, named Coinhive. Unlike with other crypto mining services, Coinhive’s customers only needed to place a few lines of JavaScript into their web pages so as to enlist their visitors’ CPU power to mine cryptocurrency directly in-browser.

ESET offers you an award-winning antivirus

ESET HOME Security Premium

Powerful, multilayered protection to encrypt sensitive data, manage passwords easily, secure online transactions and more. A user-friendly solution for enhanced privacy online. Secures Windows, macOS, Android, and iOS devices.

Buy now

Try For Free