We use cookies to allow us and selected partners to improve your experience and our advertising. By continuing to browse you consent to our use of cookies as per our policy which also explains how to change your preferences.

Cryptojacking: how your PC can be hacked to mine Bitcoin for others

Click on the wrong site and your computer could be hijacked by those looking to profit from cryptocurrency

Inside the bitcoin bubble

Even if you’ve never dabbled in Bitcoin yourself, your computer can be hijacked by those looking to make a cryptocurrency windfall. We explain what you need to know about ‘cryptojacking’ and how to stay secure.

The latest attacks involving cryptocurrencies such as Bitcoin are outsmarting even the biggest tech companies around. Cryptocurrency miners are finding ways to piggyback computers of unwitting web users, all in a bid to profit from the Bitcoin phenomenon.

Cryptocurrencies are digital alternatives to traditional currencies such as sterling. They’re not tied to any bank or national economy, and they’re fiercely encrypted to offer security for online transactions.

The value of currencies, the most famous of which is Bitcoin, has gone through the roof. That’s what incentivises groups or individuals to ‘mine’ for them online, including via the horsepower of other people’s computers.

Which? Tech Support – friendly one-to-one tech and computing advice from Which?

How your PC can be cryptojacked

While browsing online, you might suddenly hear your laptop’s fans whirring into life and your PC slowing to a crawl. A security scan might show no malicious files hiding in your PC. The problem goes away, and you move on. And yet, when you next come back to that same website, the problem starts again.

The cause could be a type of malware that’s very hard to detect. In fact, when used legitimately, this software isn’t considered malware at all. What’s going on?

This kind of slowdown and processor surging can be caused by a browser-based cryptocurrency miner. Recent examples – most notably one called CoinHive – have already affected website users all over the world. The miner can be secretly embedded into websites and even YouTube video ads. If you land on them, it can begin running in the background straight away.

Best antivirus software: see our recommendations and reviews for 2018

Mining for cryptocurrency

The miner uses your computer (and many others) to mine cryptocurrency at scale. It’s using your processor to solve fiendish mathematical problems that can only be carried out by a computer.

Once the problems, or ‘hashes’, have been solved, the owner of the miner gets a small amount of their chosen cryptocurrency deposited into their account.

The perpetrators typically dig up only a tiny amount of cryptocurrency. But, using other people’s hardware (and the electricity it all runs on) costs even less. At scale, this can be a viable strategy for earning money.

The big problem is that software such as CoinHive can be inserted into practically any webpage without your knowledge. It’s so hard to detect that in January it was found to be hiding in adverts displayed on YouTube.

The good news is that these miners don’t try to steal any personal information, don’t install any programs on your computer and don’t try to fleece you with ransomware. They are, however, inconvenient, make your computer run slowly and will increase your computer’s power consumption, costing you time and money.

Used with permission, CoinHive is not considered malware because it actually serves a purpose. But when used without permission, it is most certainly an unwanted piece of malware, as detailed in a blog post from leading antivirus firm Symantec.

Spot the signs of a Bitcoin miner

It’s normally quite easy to tell whether a cryptocurrency miner is running on your computer. When you visit an affected webpage, your computer will probably run more slowly, especially if you’re using a laptop, and you’ll hear your cooling fans whining more than usual.

If you’re using Windows, you can use Ctrl + Alt + Delete to open the Task Manager. On the Processes tab, and find your web browser, you’ll see that the CPU column might show a high percentage of usage.

This doesn’t necessarily mean your PC is being used as a miner, since some websites can be very hungry for your PC’s resources anyway. But it’s certainly a clue.

Often, miners hide in adverts and in some cases these ads show up as blank space, so look out for white space where you’d expect an advert to be.

How to protect yourself

We always recommend having antivirus software installed, be it free or premium. Although CoinHive has outsmarted a few security measures so far, anti-malware experts are always evolving their products. More often than not, good security software should protect against this sort of exploit.

Also, check for any ‘pop-under’ windows – these are like pop-ups, but they hide behind your web browser in the hope that you don’t find them.

In addition, visiting only websites you trust is always advisable. Although, as we’ve seen above, even the most trusted websites on the web can fall foul of miners.

Which? tests antivirus software on a regular basis. We use thousands of strains of malware and online nasties to find the antivirus packages that are good enough to protect your computer. Read our reviews to find out which antivirus package is right for you.

Back to top