Home Explainers How Illicit Cryptomining Works, And How to Prevent It

How Illicit Cryptomining Works, And How to Prevent It

Cryptocurrency hackers leverage cryptomining and cryptojacking techniques to infect the targeted systems to mine digital coins.


Whether it’s a surge in value or a decline, cryptocurrencies always make headlines. In addition to price fluctuations, various crypto-related issues such as cryptomining, illegal crypto transfers, or attacks on crypto exchanges are reported more often. The surge of illicit cryptomining continues to be a nightmare for cryptocurrency firms and exchanges. Threat actors are leveraging cryptomining and cryptojacking techniques to infect the targeted systems and mine crypto coins. Here’s how these attacks work and how on can detect them.

By Rudra Srinivas, Senior Feature Writer, CISO MAG

What is Cryptomining?

Cryptocurrency mining or cryptomining is a process of validating cryptocurrency transactions, also called blocks. Cryptocurrencies like Bitcoin, Binance coin, Ethereum, Dash, Monero, etc., use distributed public ledgers to track all the crypto transactions linked to the previous transactions, forming a chain of recorded blocks called a blockchain.

Cryptomining is usually done via sophisticated hardware that solves complex mathematical equations. The first computer (miner) to solve the equation is rewarded with the next block of cryptocurrencies, and the process continues.

How Illicit Cryptomining Works

Anyone with a network of computers (crypto miners) and capable of solving complex mathematical problems can become a crypto miner. However, some crypto miners hire malicious botnets to mine cryptocurrency illicitly. Adversaries leverage malicious cryptomining techniques to compromise cryptocurrencies.  According to Akamai’s report, cybercriminals use several malware variants to infect personal and corporate servers for malicious cryptomining activities. The report stated that the access to fake crypto exchange phishing URLs increased over 500% between March 2020 and May 2021. Threat actors also leverage malicious crypto apps to trick users and steal crypto coins.

Targeting Crypto Wallets

Cryptocurrency hackers often target cryptocurrency exchanges and digital wallets by deploying malicious cryptomining techniques to infect targeted systems and mine crypto coins.

Also Read: How to Safeguard Your Cryptocurrency Wallet from Digital Exploits

A digital wallet (cryptocurrency wallet) allows users to store, transfer, and receive cryptocurrencies without intermediates. Digital wallets are categorized into two types – Hot wallets and Cold wallets. Hot wallets allow users to store, send, and receive digital coins linked with public and private keys that help facilitate transactions. Hot wallets are connected to the internet, making them vulnerable to cyberattacks and unauthorized intrusions. But, cold wallets are stored offline and do not connect to the internet. Therefore, they are not prone to cyberattacks.  Storing your private keys in a cold wallet, also known as a hardware wallet, is the most viable option as these come encrypted, keeping your keys secure.

How to Prevent Illicit Cryptomining  

Cryptocurrency attackers perform illegal cryptomining activities using two methods – Binary-based and Browser-based.

In Binary-based cryptomining, hackers use malicious mobile applications installed on the targeted devices to mine cryptocurrency. These malicious applications automatically download cryptomining botnets to procure digital currency.

In Browser-based mining activity, also known as cryptojacking, bad actors use malicious JavaScript, designed to mine cryptocurrency, embedded into a website. In cryptojacking, threat actors hijack a network of computers and exploit them to mine crypto coins.

How to Prevent Binary-based Cryptomining   

  • Research on the app developers. Visit their official website and find their contact details.
  • Always download apps from an official app store to reduce the risk.
  • Read the terms and conditions carefully. Don’t download if you find anything suspicious.
  • Read the reviews to know more about the app.
  • Read the app permissions. Don’t install if the app asks for more permissions than required.

How to Prevent Browser-based Cryptomining   

  • Frequently update critical systems along with malware intrusion detection software.
  • Implement a BYOD (Bring Your Own Devices) at your company and make security awareness training mandatory for all employees.
  • Use DNS filters, firewalls, and install the best web filtering tools.
  • Install antivirus software and block pages that send cryptojacking mining scripts.
  • Continuously monitor your enterprise’s computing resources, check CPU energy consumption, and ensure no cloud misconfigurations exist.

About the Author:

Rudra Srinivas

Rudra Srinivas is a Senior Feature Writer and part of the editorial team at CISO MAG. He writes news and feature stories on cybersecurity trends.       

More from the Rudra.