What Is Cryptojacking? — How Hackers Mine Crypto Using Your Computer

Q: Can my phone be cryptojacked?

Yes — both Android and iOS devices can be targeted through malicious apps, compromised websites, and infected ads.

Q: How much money do cryptojackers make?

A single device generates $0.25–$2 per day, but botnets with thousands of devices can generate $25,000–$200,000 per day.

Q: Does cryptojacking damage your computer?

It can. Constant high CPU loads generate excess heat, shortening component lifespan and degrading batteries.

Q: Was Coinhive cryptojacking?

Coinhive was a legitimate browser-based Monero miner but was massively abused without user consent. It shut down in 2019.

Q: Can antivirus detect cryptojacking?

Most modern antivirus detects file-based cryptojacking. Browser-based scripts need ad blockers or anti-mining extensions for best protection.

Q: Why do cryptojackers mine Monero and not Bitcoin?

Monero uses RandomX which works on regular CPUs, and it's a privacy coin so payouts are untraceable — ideal for criminals.

Quick Summary

Cryptojacking is when hackers secretly use your device's processing power to mine cryptocurrency
It can happen through malware installed on your computer or browser scripts on infected websites
Signs include: slow performance, overheating, high CPU usage, and faster battery drain
Protection includes ad blockers, anti-malware software, and monitoring your CPU usage
Cryptojacking is illegal in most jurisdictions — legitimate crypto mining on your own hardware is perfectly legal

What Is Cryptojacking, Exactly?

Cryptojacking is a type of cybercrime where someone hijacks your computer, phone, or tablet to mine cryptocurrency without your permission. "Mining" requires a lot of computing power, and instead of paying for their own hardware and electricity, attackers steal yours.

Think of it like someone plugging into your home's electrical outlet to power their machines — except it's your CPU and GPU power they're stealing. You pay for the electricity and hardware wear while they collect the cryptocurrency rewards.

The crypto mined is almost always Monero (XMR) — a privacy-focused cryptocurrency that's untraceable (so the hackers can't be linked to the mining). Bitcoin isn't used for cryptojacking because it requires specialized ASIC hardware that consumer devices can't compete with.

⚠️ Don't confuse mining and cryptojacking: Crypto mining on your own hardware is perfectly legal in most countries. Cryptojacking is illegal because it steals someone else's resources without consent. The technology is the same — the difference is permission.

💡 Scale of the problem: Cryptojacking attacks increased by over 400% between 2022 and 2024, according to SonicWall's cyber threat report. It's now one of the most common forms of cybercrime — partly because it's harder to detect than ransomware and victims often never realize they've been targeted.

How Does Cryptojacking Work?

There are two main types of cryptojacking attacks:

🦠

Type 1: Malware-Based (File-Based)

The hacker tricks you into downloading malicious software — through a phishing email, fake download, or compromised program. The malware installs a crypto mining program that runs silently in the background.

How you get it: Clicking a malicious email link, downloading pirated software, infected USB drives, fake app updates

Persistence: Runs continuously, even after you close your browser

Severity: High — mines 24/7, significantly impacts performance and hardware lifespan

🌐

Type 2: Browser-Based (Drive-By)

A website loads a hidden JavaScript mining script that uses your browser to mine crypto while you're on the page. When you leave the site, the mining stops (usually).

How you get it: Visiting a compromised or malicious website, infected ads (malvertising)

Persistence: Only while you're on the page (though some use pop-unders that hide behind your taskbar)

Severity: Lower — temporary, but can drain battery and slow browsing

Step by Step: How a Cryptojacking Attack Works

Infection — You click a malicious link, visit a compromised website, or download infected software

Script activation — Mining code executes on your device, harnessing your CPU/GPU power

Mining — Your device solves cryptographic puzzles to validate transactions on the Monero network

Payout — Mining rewards are sent to the attacker's wallet — you get nothing but a slow computer

Evasion — Sophisticated scripts throttle CPU usage to avoid detection, making your device just slightly slower

Signs Your Device Is Being Cryptojacked

Cryptojacking is designed to be invisible, but it's not perfect. Watch for these warning signs:

🐌

Sluggish Performance

Computer or phone suddenly running much slower than usual. Programs take forever to open. Mouse movements are laggy.

🔥

Overheating

Your device runs hot even when you're not doing anything intensive. Laptop fans running at full speed constantly.

📊

High CPU Usage

Task Manager (Windows) or Activity Monitor (Mac) shows 80–100% CPU usage with no obvious reason. Unknown processes consuming resources.

🔋

Battery Drain

Laptop or phone battery depletes much faster than normal, even during light use.

💸

Higher Electric Bills

If a desktop computer is mining 24/7, it uses significantly more electricity. Noticeable on your power bill.

💥

Crashes & Freezes

System crashes, programs freezing, or blue screens can indicate hardware being pushed beyond its limits by mining operations.

⚠️ Smart cryptojackers are subtle: Modern cryptojacking scripts limit CPU usage to 30–50% to avoid triggering suspicion. Your computer might feel "a bit off" rather than obviously compromised. That's intentional — the longer it goes undetected, the more crypto they mine.

Who Gets Targeted?

Anyone with a computing device can be a target, but some are more attractive than others:

→ Businesses and servers — Corporate servers have massive computing power and run 24/7. A single compromised cloud server can mine thousands of dollars worth of crypto.
→ Universities and government networks — Large networks with many connected devices and sometimes weaker security.
→ Regular consumers — Individual computers aren't as profitable, but hackers target millions of them. Small amounts across millions of devices adds up fast.
→ IoT devices — Smart TVs, security cameras, and routers often have poor security and are easy to compromise.

How to Check If You're Being Cryptojacked

Here's how to investigate on different operating systems:

🪟 Windows

Press Ctrl + Shift + Esc to open Task Manager. Click the "CPU" column to sort by usage. If a process you don't recognize is using 50%+ CPU while you're not doing anything intensive, investigate it. Right-click → "Search online" to identify unknown processes.

🍎 Mac

Open Activity Monitor (Applications → Utilities). Sort by "% CPU." Look for unfamiliar processes consuming disproportionate resources. Pay special attention to processes running under your user account.

🌐 Browser-Based

Open your browser's built-in task manager: Shift + Esc (Chrome) or go to More Tools → Browser Task Manager. If a tab is using unusually high CPU, it might be running a mining script. Close the tab and see if CPU returns to normal.

📱 Mobile

Check battery usage in Settings. If an app or browser is using way more battery than expected, it could be mining. Watch for your phone getting hot during normal use or the battery draining unusually fast.

How to Protect Yourself

The good news: protecting yourself from cryptojacking is fairly straightforward with the right tools and habits.

🛡️

Use an ad blocker

Extensions like uBlock Origin or Adblock Plus can block known cryptojacking scripts. uBlock Origin maintains filter lists that specifically target mining scripts.

🔒

Install anti-malware software

Modern antivirus programs (Malwarebytes, Norton, Bitdefender) detect and block cryptojacking malware. Keep them updated — new mining variants appear constantly.

🔄

Keep software updated

Many cryptojacking attacks exploit known vulnerabilities in operating systems, browsers, and plugins. Updates patch these holes. Enable automatic updates wherever possible.

🚫

Don't click suspicious links

Phishing emails with malicious links are a top infection vector. Don't download software from untrusted sources. If an email asks you to click urgently, be skeptical. The same vigilance applies to protecting your crypto wallet and exchange accounts.

📊

Monitor your CPU usage

Get into the habit of occasionally checking Task Manager or Activity Monitor. If CPU usage is consistently high when you're not doing much, investigate.

🧩

Use anti-mining browser extensions

Dedicated extensions like No Coin or MinerBlock specifically target cryptojacking scripts while leaving other content untouched.

Cryptojacking vs Ransomware: What's the Difference?

Feature	Cryptojacking	Ransomware
Visibility	Designed to be hidden — you may never know	Immediately obvious — files are locked
Damage	Slower device, higher electric bills, hardware wear	Files encrypted — data loss, business disruption
Revenue model	Continuous — mines crypto over time	One-time — demands ransom payment
Risk to victim	Low-medium (financial drain, hardware damage)	High (data loss, business-critical)

Many hackers actually prefer cryptojacking over ransomware because it's lower-risk: victims are less likely to report it, law enforcement prioritizes it less, and it generates steady income instead of a risky one-time payment.

Is Cryptojacking Illegal?

Yes — in most jurisdictions, cryptojacking is illegal. It falls under unauthorized access to computer systems, computer fraud, and theft of resources laws. However, prosecution is challenging because:

→ The damage per individual victim is small (a few dollars in electricity)
→ Attackers often operate from jurisdictions that don't cooperate with international law enforcement
→ The cryptocurrency mined (Monero) is difficult to trace
→ Most victims never even realize they've been targeted

Note that legitimate crypto mining on your own hardware is perfectly legal in most countries. Cryptojacking is illegal because it uses someone else's resources without consent. If you want to get into crypto legitimately, use a trusted exchange like Kraken or Binance and store your crypto in a secure wallet.

Key Terms

Cryptojacking	The unauthorized use of someone else's device to mine cryptocurrency — a form of cybercrime that steals computing power and electricity
Botnet	A network of infected computers controlled by a hacker — used for cryptojacking at scale, sometimes comprising millions of devices
ASIC	Application-Specific Integrated Circuit — specialized mining hardware. Bitcoin requires ASICs, which is why cryptojackers mine Monero (works on regular CPUs) instead
RandomX	Monero's mining algorithm designed for regular CPUs — the reason Monero is the cryptocurrency of choice for cryptojackers
Browser Mining	Running a mining script inside a web browser via JavaScript — can be legitimate (with consent) or malicious (cryptojacking)
CPU / GPU	Central Processing Unit / Graphics Processing Unit — the hardware components cryptojacking malware exploits to mine crypto on your device

What to Read Next

What Is Crypto Mining?

Understand how legitimate mining works — the process cryptojackers are exploiting.

Can Crypto Be Traced?

Why cryptojackers use Monero — and how blockchain tracing actually works.

Is Crypto Mining Legal?

Where mining is legal (and where it's banned) around the world.

How Crypto Wallets Work

Protect your crypto with the right wallet setup and security practices.

Frequently Asked Questions

Can my phone be cryptojacked?

Yes — both Android and iOS devices can be targeted, though Android is more vulnerable due to its more open app ecosystem. Malicious apps, compromised websites, and even infected ads can run mining scripts on your phone. Signs include excessive heat, rapid battery drain, and slow performance.

How much money do cryptojackers make?

A single consumer device might only generate $0.25–$2 per day in mining revenue. But cryptojackers operate botnets with thousands or millions of devices. A botnet of 100,000 compromised devices could generate $25,000–$200,000 per day. The biggest cryptojacking operations have generated millions of dollars.

Does cryptojacking damage your computer?

It can. Running your CPU/GPU at high loads constantly generates excess heat, which can shorten component lifespan, degrade thermal paste, and potentially damage batteries in laptops and phones. Over months, this wear and tear adds up. It also increases electricity costs and can void warranties on some devices.

Was Coinhive cryptojacking?

Coinhive started as a legitimate project — a JavaScript Monero miner that websites could use as an alternative to ads with user consent. But it was massively abused by hackers who embedded it on websites without permission. Coinhive shut down in 2019, but similar scripts still exist. The concept of consent-based browser mining is legitimate; using it without permission is cryptojacking.

Can antivirus detect cryptojacking?

Most modern antivirus programs can detect known cryptojacking malware. However, browser-based mining scripts are harder to catch because they run in the browser, not as installed software. Using a combination of antivirus + ad blocker + anti-mining browser extension gives the best protection.

Why do cryptojackers mine Monero and not Bitcoin?

Two reasons: (1) Monero uses the RandomX algorithm, which is designed to work well on regular CPUs — no specialized hardware needed. Bitcoin requires expensive ASIC miners that consumer PCs can't compete with. (2) Monero is a privacy coin, so the mining payouts are untraceable — perfect for criminals who don't want to be identified.

Stay Safe in Crypto

The crypto world has risks — understanding them is the first step to protecting yourself.

Crypto for Beginners How Wallets Work