Cryptomining attacks hijack computing resources to mine cryptocurrency. While less destructive than ransomware, they cause significant performance degradation and increased costs.
What is Cryptojacking?
Cryptojacking is the unauthorized use of computing resources to mine cryptocurrency. Attackers install mining software on servers, computers, or even browsers to profit from stolen processing power.
Unlike ransomware, cryptojacking is designed to remain hidden. The longer it runs undetected, the more the attacker profits.
Types of Cryptomining Attacks
Server-Side Cryptomining
Malware installed on servers runs continuously, consuming CPU/GPU resources for mining operations.
Browser-Based Cryptomining
Malicious JavaScript embedded in websites uses visitor browsers to mine cryptocurrency.
Signs of Cryptomining Infection
- Unexplained high CPU or GPU usage
- Increased electricity consumption and cooling costs
- Slow system performance without obvious cause
- Outbound connections to mining pool IPs
Protection Strategies
- Block Mining Pools - Prevent outbound connections to known cryptocurrency mining pool IPs
- Monitor Resource Usage - Alert on unusual CPU/GPU utilization patterns
- Endpoint Detection - Use security software that detects mining malware signatures
Identify Compromised IPs
Check if your servers are communicating with known mining pools.