Cryptojacking is a cyberattack where criminals secretly use someone else’s computer, phone, server, or cloud resources to mine cryptocurrency. Instead of paying for hardware and electricity themselves, attackers “borrow” computing power without consent, turning victims’ devices into profit-generating mining rigs.
How cryptojacking works
Cryptojacking typically starts with unauthorized code running on a target system. This can happen through malware installed via phishing emails, infected downloads, compromised software updates, or by exploiting unpatched vulnerabilities. In other cases, malicious mining scripts can be injected into websites or online ads, causing visitors’ browsers to use CPU resources while the page is open. Modern cryptojacking campaigns often seek high-value targets such as corporate networks or cloud accounts, where attackers can scale mining across many machines and keep operations running continuously.
Because mining rewards depend on sustained computation, cryptojackers try to stay hidden. They may throttle usage to avoid obvious slowdowns, disable security tools, or schedule activity during off-hours. For organizations, a single compromised server can lead to lateral movement and broader network exposure, not just unwanted mining.
Signs, risks, and why it matters
Common symptoms include sudden performance degradation, overheating, loud fans, battery drain on laptops and phones, and unexpectedly high electricity or cloud compute bills. In business environments, cryptojacking can also reduce application reliability, increase infrastructure costs, and signal broader security weaknesses.
This concept matters in the crypto ecosystem because it shows how cryptocurrency mining can be abused as a monetization method for cybercrime, pushing individuals and companies to strengthen security, patch systems, and monitor resource usage to protect both devices and networks.