Cryptojacking: Why Ignoring It Could Cost You More than You Think

Imagine waking up, your air conditioning at full blast and laptop fan spinning furiously. Since it’s summer and your last Netflix binge was just hours ago, you shrug it off.  

But what if these little annoyances were actual crimes in progress?  

In 2022, Charles O. Parks III was a self-styled crypto guru living a life you’d only expect from Silicon Valley millionaires: luxury hotels, designer jewelry, and a brand-new Mercedes-Benz AMG S-Class coupe.  

But, late one night, he quietly pulled in millions by siphoning computing power from two cloud providers. The question is: are you at risk because of this? 

If you’ve never heard of cryptojacking, get ready to meet the unseen threat hijacking CPU cycles for virtual profit.  

What is cryptojacking and how does it work? 

While Parks flaunted his crypto gains on YouTube - joking that he didn’t “have to work the rest of the year” - he never once let on that his lavish lifestyle was built on theft, not innovation. 

Ultimately, cryptojacking is the unauthorized use of a device (mobile phone, IoT appliance, laptop, or desktop) to mine cryptocurrency. 

Here’s how your devices could be at risk for cryptojacking: 

• Browser-based cryptojacking: You click a malicious link in your email and are redirected to a website that hides mining script. While you’re on the site, the script connects your device to a mining pool and uses its computing power to mine cryptocurrency. The mining stops when you leave the site. 

• Fileless cryptojacking: This method uses your computer’s memory to mine crypto without leaving a trace on your hard drive. It uses built-in Windows tools like PowerShell to download and execute mining code. 

• Binary-based cryptojacking: You accidentally download a malicious executable file to your device. The program disguises itself as a legitimate system process and keeps running even after a reboot. 

• Cloud infrastructure cryptojacking: If your corporate login credentials are compromised, attackers can break in to install mining software. This means they can use your cloud computing resources without permission, which can lead to higher cloud service bills, slower app performance, and increased pressure on your IT team. 

• Supply chain cryptojacking: You download a software package that’s been hijacked to deliver mining malware. The software passes security checks but secretly mines crypto after it’s installed. This means even trusted apps can be compromised and used as a vehicle for cryptojacking. 

And that’s not all: Internet-connected devices (like your smart home appliances) can become part of the thief’s mining network. 

But how does cryptojacking really work? 

First, every program you run relies on your CPU performing a series of tasks in lockstep with its clock cycles. Crypto miners need massive numbers of those cycles to solve cryptographic puzzles and earn coins.  

So, they use malware or malicious scripts to redirect those cycles toward mining instead of running your apps. 

In other words, cryptojacking requires substantial computing power (measured in hashes per second). Each cryptographic hash is made up of thousands of operations, and each operation takes one or more clock cycles to complete. 

So, what Parks did was: 

• Hijack under-protected VMs (virtual machines) in cloud environments 

• Redirect their clock cycles away from legitimate tasks to run the cryptographic hashing for his illicit mining operations 

According to court documents, Parks redirected $3.5 million worth of computing resources to mine almost $1 million in cryptocurrencies. 

This brings us to an important question. 

How common is cryptojacking?  

You aren’t alone if you’ve never heard of cryptojacking, but it remains one of the fastest growing cybercrimes in the world.  

Parks is far from alone in his exploits: In just the first quarter of 2023, cryptojacking attacks stood at an eye-watering 332.3 million. That’s nearly 3.7 million attacks per day. And in 2025, cryptojacking incidents rose by 63%. 

Meanwhile, a MassJacker cryptojacking operation used about 778,531 cryptocurrency wallet addresses to steal digital assets from computers in March 2025. 

For every Charles Parks apprehended, hundreds remain in the shadows. If your devices were mining coins for someone else, would you recognize the warning signs?  

Before we explore this, it’s important to answer a key question: What makes cryptojacking a crime while crypto mining remains legal? 

What’s the difference between crypto mining and cryptojacking? 

The main difference lies in whose devices are supplying the resources for mining. 

While legitimate users deploy their own hardware and electricity, cryptojackers steal yours. Cryptojacking is theft, without consent or compensation for your generosity. 

If you’re wondering what the law says about this, the answer is more serious than you may think. 

Is cryptojacking illegal?  

Yes, cryptojacking is illegal. It violates state laws against unauthorized computer access, like New York’s Penal Law 156.05.  

The law states that using or accessing a computer without consent is a Class A misdemeanor. It’s punishable by 364 days in jail and a fine of up to $1,000 or three years of probation. 

Meanwhile, the UK’s Computer Misuse Act of 1990 and Australia’s Cybercrime Act of 2001 calls for prison terms of up to 10 years for serious offenses. 

Parks himself was convicted of wire fraud, money laundering, and unlawful monetary transactions. He received a one year and one day prison sentence and was ordered to forfeit $500,000 and his prized Mercedes Benz. 

How do you know if you’ve been cryptojacked?  

If your laptop fan is roaring louder than ever, it’s time to re-assess whether you have a cryptojacked device on your hands.  

 How to check for cryptojacking: The tell-tale signs your device is mining crypto 

Here are the unmistakable signs you’ve been cryptojacked: 

• Sudden, unexplained performance lags, even when doing simple tasks 

• Frequent overheating 

• Device battery draining faster than usual 

• Unexplained spikes in monthly electric bills 

• Abnormally high CPU usage and fans spinning at max speed, even without energy-intensive apps running 

How cryptojacking spikes your electric bill  

You may think your electricity bill is rising due to rate hikes or seasonal usage, until you take a closer look. 

Cryptojacking is notoriously power-hungry and has been shown to increase energy and cloud computing costs. After all, it takes $53 worth of system resources to produce $1 worth of cryptocurrency. 

But now, there’s another threat on the horizon stirring controversy across the United States.  

Proof-of-work crypto mining farms - in states like New York, Pennsylvania, Georgia, Arkansas, and Texas – are straining the energy grid. And while crypto miners are paying heavily discounted prices, residential customers are seeing their bills climb. 

In Texas, homeowners paid about 14.5 cents per kilowatt-hour in 2023, while crypto miners paid as little as 2.5 cents. New York sees a similar pattern, with residents at 22.3 cents and miners at 3 cents per kWh. 

Why does this matter? Subsidies driving these legal crypto mining operations are shifting the burden to everyday customers. 

In Texas alone, crypto mining has raised electricity costs by $1.8 billion annually. To add insult to injury, Texas grid operators paid miners millions of dollars to reduce operations during a heat wave, while residents who were asked to conserve energy actually saw their power bills rise. 

Whether it’s malicious actors hijacking your device or large mining farms benefiting from subsidies, the end result is clear: someone else’s cryptocurrency operation is costing you more on your electricity bill. That’s why understanding this hidden drain and protecting your devices is more important than ever.  

The ultimate prevention blueprint: How to stop cryptojacking 

As mentioned, cryptojackers don’t just exploit PCs; they also hijack smartphones, servers, desktops, and the IoT appliances connected to your life. 

Strengthening your defenses means taking practical steps to protect every device you use. 

Fortifying your devices: The seven (7) habits you must practice to stay safe (#6 is your single most important defense) 

Cryptojacking thrives on complacency. The good news is that a few simple habits can shut down attackers. 

#1 Update meticulously

Install every software and firmware patch as soon as it becomes available. Remember that threat actors are increasingly exploiting vulnerabilities only hours or days after discovery. 

#2 Limit permissions ruthlessly

On mobile and app devices, restrict app permissions to only what’s necessary. This reduces the chances of a compromised app using your device resources for cryptojacking. 

#3 Update default admin passwords NOW

Many devices like routers, web cams, and smart home appliances often ship with default credentials that are publicly known. In 2022, threat researchers recorded 139.3 million cryptojacking attempts on consumer-grade IoT devices, a 43% YoY increase. Use the LastPass generator as your ally to create strong, unique passwords according to the newest CISA and NIST guidelines. 

#4 Enabling multi-factor authentication

Since most cryptojacking campaigns begin by hijacking accounts, MFA adds a barrier that stops attackers from breaching systems to install mining malware. FIDO2 MFA options like passkeys and hardware security keys are strong choices because they are phishing-resistant and difficult to intercept. 

#5 Use reputable security tools

A trusted anti-malware solution can spot unwanted mining scripts and block them before they hijack your devices. For example, Acronis Cyber Protect Home Office uses behavioral heuristics and machine learning to detect crypto mining malware and browser-based mining scripts in real time. 

#6 Avoid suspicious links and downloads

Cryptojacking scripts almost always hide in phishing links or malicious ads. If you never click, the payload never installs. While no anti-malware solution stops 100% of threats, vigilance can be your greatest safeguard against cryptojacking. 

#7 Install browser protections

Since many crypto mining scripts and malicious redirects rely on JavaScript, you may have heard that disabling it in your browser is a good idea.  

However, disabling JavaScript can lead to a frustrating browsing experience, as it can break interactive features like shopping carts, menus, maps, video players, and other dynamic content. 

A smarter alternative would be using an extension like NoMiner to block coin mining domains, MinerBlock to blacklist known mining scripts, or an ad blocker like AdLock to block crypto mining ads.  

Beyond consumer protections: Three (3) key ways to lock down your business network against cryptojackers 

Now, if you’re reading this as an individual, the above steps are enough to protect your personal devices.  

But if you’re also a business owner, here’s the real truth: What puts your company at risk is what happens in the background, where mining scripts quietly drain your computing resources day and night. 

In 2024, highly skilled threat actors leveraged the NoaBot botnet to quietly plant Mirai-like crypto miners on devices. These malicious programs turned cloud servers into illicit mining machines.  

Ultimately, every hour of stolen CPU or GPU power isn’t just wasted electricity. It’s lost productivity, higher cloud service fees, shortened hardware lifespan, and service disruptions. 

That’s why preventing cryptojacking in a business setting requires a different playbook: 

#1 Deploy endpoint detection and response (EDR) tools with cryptojacking shields

Beyond traditional antivirus signatures, modern EDR tools use behavioral analytics to flag suspicious CPU activity indicative of cryptojacking. Combine EDR with CDR (content disarm and reconstruction) for a comprehensive defense.  

While EDR provides visibility on individual devices, CDR sanitizes files before they reach endpoints. Not only can CDR handle large volumes of data, but it can also remove malicious mining code before they execute in cloud workloads like virtual machines and containers. 

#2 Segment your network

Isolate IoT devices and guest networks from critical systems to prevent lateral movement. If attackers manage to breach one segment, they can’t move freely to hijack other resources. 

#3 Monitor outbound traffic to known mining pools and set resource controls

Many cryptojackers send proof-of-work results to a mining pool to collect their rewards. Here’s why. 

In a solo mining operation, a miner gathers all block header data and adds a nonce to compute a hash of the header.  

The miner’s hardware will repeatedly hash the block header, with a different nonce value each time, until the resulting hash meets a target. 

When that target is reached, the miner is said to have “solved the puzzle.” The final step occurs when others verify the block’s validity, and the miner receives the full block reward for their trouble. 

As you can see, this is a tedious process. In a pooled setup, the scammers send partial Proof-of-Work shares. By sending a steady stream of shares to a mining pool, they can secure small, constant payouts that add up over time. 

To monitor for unauthorized connections to mining pool IPs and domains, you can leverage a SIEM. 

What makes a SIEM platform so powerful is its ability to connect the dots. It can aggregate logs from multiple sources like endpoints, firewalls, and servers. 

A SIEM also lets you set up correlation rules, so you get alerts when things don’t add up, such as: 

• A sudden increase in CPU or GPU usage at odd hours 

• Traffic heading towards known mining pool addresses 

• Suspicious scripts trying to run on your system 

Finally, you can leverage infrastructure and container management tools to cap how much CPU or GPU power any single process can use.

Because cryptojacking relies heavily on exploiting processing power, you’ll want to set CPU and GPU quotas and configure automatic shutdowns when usage exceeds normal baselines for prolonged periods.  

While consumer protections are about peace of mind, enterprise protections are about safeguarding productivity, profitability, and trust. The sooner you implement them, the less vulnerable your business will be.  

Defending against cryptojacking: The role of password managers 

As mentioned, cryptojackers  often get a foothold in your systems through mining malware. And this foothold almost always starts with stolen or compromised passwords. 

This is where LastPass comes in. 

Paired with powerful defenses like SIEM monitoring, network segmentation, and CPU/GPU resource controls, LastPass can help you build a layered defense with: 

• World-class encryption and hardened security infrastructure: LastPass encrypts your vault with AES-256, the gold standard trusted by the military, hospitals, banks, and federal agencies. And with AES-256 largely resistant against quantum-assisted attacks, this means uninterrupted security from malware-driven credential theft. 

• Continuous threat monitoring: LastPass doesn’t just talk about security – we prove it. We employ world-class security organizations to conduct thorough, independent audits of our services and infrastructure. 

• Enterprise-grade privacy and compliance: Alongside these audits, LastPass adheres to industry-tested compliance standards, which you can review openly at our new Compliance Center. This means LastPass infrastructure defenses have been vetted by top-tier experts. So, when we say your security is our #1 priority, you can see the proof with your own eyes.   

• Secure vault with encrypted URLs: LastPass goes beyond encrypting your passwords. We also encrypt the URLs linked to each login in your vault. This means that attackers face an additional barrier to theft, as they can’t easily map credentials to your accounts. 

• User-friendly password generator: Cryptojackers thrive on reused passwords to get initial access. With LastPass, every login gets its own unique password. Our built-in generator lets you easily customize each password according to the newest CISA and NIST rules, so each of your accounts stays safe.   

• Smart autofill: The LastPass autofill tool minimizes risky behaviors that cryptojackers often exploit – like copy-pasting passwords from browser managers. Autofill functionality means you’ll never have to type in passwords again, preventing attackers from harvesting them through keyloggers. 

• 24/7 Dark Web Monitoring: With our premier Dark Web Monitoring services (available even for free users), you get instant alerts the second your email addresses are compromised. This means you can quickly update your passwords before attackers act. 

• Robust bug bounty program: We believe in rewarding those who help keep valued customers like you safe. Our bug bounty program ensures ethical hackers are rewarded for finding and reporting security flaws before the criminals do. This proactive approach means that potential vulnerabilities can be patched quickly, fulfilling our commitment to your safety and peace of mind. 

If you’re ready to enjoy effortless security, get your free trial of LastPass today. 

Type of account	Who it’s for	Free trial?
Premium	For personal use across devices	Yes, access it here
Families	For parents, kids, roommates, friends, and whoever else you call family (6 Premium accounts)	Yes, access it here
Teams	For your small business or startup	Yes, access it here
Business	For small or medium-sized businesses	Yes, access it here
Business Max	Advanced protection and secure access for any business	Yes, access it here

Disclaimer 

A password manager is an essential ally in preventing unauthorized access but must be combined with additional measures to prevent cryptojacking. While we strive to provide accurate information, no method guarantees complete security. 

To receive personalized guidance, it’s important to consult qualified security professionals who can provide advice suited to your situation. 

 

It’s also important to understand that password managers aren’t designed to store seed phrases and private keys. For those, dedicated hardware wallets and offline storage solutions remain the safest choices.