Cryptocurrency mining is a process that allows computer users to ride the wave of the decentralized digital assets boom. It’s a benign concept in itself, moreover, the whole blockchain-sustained economy wouldn’t work without it as it requires an immense aggregate processing capacity contributed by numerous players in this domain. However, the way mining is implemented makes a difference. It’s okay as long as a user makes an informed decision to dedicate their CPU and GPU resources for the appropriate calculations. On the other hand, it’s definitely malicious if the user’s computer power is exhausted against their will.

The Cryptonight entity demonstrates this complex duality to the fullest. It is a specially crafted proof-of-work algorithm employed by some privacy-centered coins, including Monero, Bytecoin, and Electroneum. The shady side of this algo is a piece of malware that’s installed and executed on PCs in a covert fashion and harnesses its processing capacity to mine digital assets without asking the user. The latter incarnation of Cryptonight adds JavaScript to the mix and exhibits Trojan-like behavior, which is why a number of security solutions detect it as JS:Cryptonight or similar.

In order to make sure the infection infiltrates a host stealthily, its authors are in cahoots with some freeware promotion portals that distribute free applications and shareware by means of lightweight installation clients. The biggest catch about this marketing method is that users never know what’s coming bundled with the apps of choice unless they opt out of the default setup mode. It’s only the custom install option that discloses the cross-promoted objects and allows deselecting them. Since most people go the easy route, though, the Cryptonight virus lurking under the recommended configuration gets on board without really asking for permission.

When inside a computer, the malicious code instantly lays its cyber-hands on the central processing unit or graphics card, attempting to exploit its resources to mine a specific form of cryptocurrency. It’s an ultimate resource hog as it consumes up to 100% of the machine’s power, so the victim will certainly run into system performance issues. The Cryptonight virus may also be configured to run at a predetermined time. The Internet connection speed will also go down as the pest has a bandwidth footprint while generating network traffic to reach out to different mining pools. At the end of the day, JS:Cryptonight renders the contaminated computer slow and irresponsive, so it needs to be removed without delay. Read more about computer viruses on

Author's Bio: 

David Balaban is a computer security researcher with over 15 years of experience in malware analysis and antivirus software evaluation. David runs the project which presents expert opinions on the contemporary information security matters, including social engineering, penetration testing, threat intelligence, online privacy and white hat hacking.