Skip to main content
Springer Nature Link
Log in

Dissecting the Infrastructure Used in Web-Based Cryptojacking: A Measurement Perspective

  • Conference paper
  • First Online:
Information Security Applications (WISA 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 15499))

Included in the following conference series:

  • 6 Accesses

Abstract

This paper conducts a comprehensive examination of the infrastructure supporting cryptojacking operations. The analysis elucidates the methodologies, frameworks, and technologies malicious entities employ to misuse computational resources for unauthorized cryptocurrency mining. The investigation focuses on identifying websites serving as platforms for cryptojacking activities. A dataset of 887 websites, previously identified as cryptojacking sites, was compiled and analyzed to categorize the attacks and malicious activities observed. The study further delves into the DNS IP addresses, registrars, and name servers associated with hosting these websites to understand their structure and components. Various malware and illicit activities linked to these sites were identified, indicating the presence of unauthorized cryptocurrency mining via compromised sites. The findings highlight the vulnerability of website infrastructures to cryptojacking.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Aloqaily, M., Pandit, V.: IEEE conference on blockchain and cryptocurrency(ICBC’23). IEEE Commun. Mag. 61(11), 6–9 (2023)

    Article  MATH  Google Scholar 

  2. Alrawi, O., et al.: Forecasting malware capabilities from cyber attack memory images, pp. 3523–3540. USENIX Security (2021)

    Google Scholar 

  3. Alrawi, O., Zuo, C., Duan, R., Kasturi, R.P., Lin, Z., Saltaformaggio, B.: The betrayal at cloud city: an empirical analysis of cloud-based mobile backends, pp. 551–566. USENIX Security (2019)

    Google Scholar 

  4. Bhatia, N., Bansal, S., Desai. S.: A detailed review of blockchain and cryptocurrency. CoRR, abs/2303.06008 (2023)

    Google Scholar 

  5. Burgess, J., O’Kane, P., Carlin, D., Sezer, S.: MANiC: multi-step assessment for crypto-miners. In: International Conference on Cyber Security and Protection of Digital Services. IEEE

    Google Scholar 

  6. Carlin, D., Burgess, J., O’Kane, P., Sezer, S.: You could be mine(d): the rise of Cryptojacking. IEEE Secur. Priv. 18(2), 16–22 (2020)

    Article  Google Scholar 

  7. Carlin, D., O’Kane, P., Sezer, S., Burgess, J.: Detecting Cryptomining using dynamic analysis. IEEE PST (2018)

    Google Scholar 

  8. Du, Y., Alrawi, O., Snow, K.Z., Antonakakis, M., Monrose, F.: Improving security tasks using compiler provenance information recovered at the binary-level. In: CCS, pp. 2695–2709. ACM (2023)

    Google Scholar 

  9. Duan, R., et al.: Automating patching of vulnerable open-source software versions in application binaries. NDSS (2019)

    Google Scholar 

  10. Garriga, M., Arias, M., Renzis, A.D.: Blockchain and Cryptocurrency: a comparative framework of the main architectural drivers. CoRR, abs/1812.08806 (2018)

    Google Scholar 

  11. Hajiaghapour-Moghimi, M., et al.: Hedging investments of grid-connected PV-BESS in buildings using cryptocurrency mining: A case study in Finland. IEEE Access 11, 66327–66345 (2023)

    Article  Google Scholar 

  12. Jayasinghe, K., Poravi, G.: A survey of attack instances of Cryptojacking targeting cloud infrastructure, pp. 100–107. ACM APIT (2020)

    Google Scholar 

  13. Kshetri, N., Rahman, M.M., Sayeed, S.A., Sultana, I.: cryptoRAN: a review on cryptojacking and ransomware attacks wrt banking industry - threats, challenges, & problems. CoRR, abs/2311.14783 (2023)

    Google Scholar 

  14. Kshetri, N., Voas, J.M.: Cryptojacking. Computer 55(1), 18–19 (2022)

    Article  Google Scholar 

  15. Lachtar, N., Elkhail, A.A., Bacha, A., Malik, H.: A cross-stack approach towards defending against cryptojacking. IEEE Comput. Archit. Lett. 19(2), 126–129 (2020)

    Article  Google Scholar 

  16. Menati, A., Cai, Y., Helou, R.E., Tian, C., Xie, L.: Optimization of cryptocurrency mining demand for ancillary services in electricity markets, pp. 3052–3061. HICSS (2024)

    Google Scholar 

  17. Mohaisen, A.: Towards automatic and lightweight detection and classification of malicious web contents, pp. 67–72. IEEE HotWeb (2015)

    Google Scholar 

  18. Mohaisen, A., Alrawi, O.: Unveiling Zeus: automated classification of malware samples, pp. 829–832. WWW (2013)

    Google Scholar 

  19. Mohaisen, A., Alrawi, O.: AV-meter: an evaluation of antivirus scans and labels. In: DIMVA, vol. 8550, pp. 112–131. Springer (2014)

    Google Scholar 

  20. Mohaisen, A., Alrawi, O., Mohaisen, M.: AMAL: high-fidelity, behavior-based automated malware analysis and classification. Comput. Secur. 52, 251–266 (2015)

    Article  Google Scholar 

  21. Naseem, F.N., Aris, A., Babun, L., Tekiner, E., Uluagac, A.S.: MINOS: a lightweight real-time cryptojacking detection system. NDSS (2021)

    Google Scholar 

  22. Perdisci, R., Papastergiou, T., Alrawi, O., Antonakakis, M.: IoTfinder: efficient large-scale identification of IoT devices via passive DNS traffic analysis. In: IEEE EuroS &P, pp. 474–489. IEEE (2020)

    Google Scholar 

  23. Rajba, P., Mazurczyk, W.: Limitations of web cryptojacking detection: a practical evaluation. In: ARES 2022: The 17th International Conference on Availability, Reliability and Security, Vienna, Austria, 23–26 August 2022, pp. 1– 6. ACM (2022)

    Google Scholar 

  24. Saad, M., Khormali, A., Mohaisen, A.: End-to-end analysis of in-browser cryptojacking. CoRR, abs/1809.02152 (2018)

    Google Scholar 

  25. Saad, M., Mohaisen, D.: Analyzing in-browser cryptojacking. IEEE Trans. Dependable Secure Comput. 1, (2024)

    Google Scholar 

  26. Saad, M., et al.: Exploring the attack surface of blockchain: a comprehensive survey. IEEE Commun. Surv. Tutorials 22(3), 1977–2008 (2020)

    Article  MATH  Google Scholar 

  27. Tekiner, E., Acar, A., Uluagac, A.S.: A lightweight IoT cryptojacking detection mechanism in heterogeneous smart home networks. NDSS (2022)

    Google Scholar 

  28. Wang, A., Chang, W., Chen, S., Mohaisen, A.: Delving into internet DDoS attacks by botnets: characterization and analysis. IEEE/ACM Trans. Netw. 26(6), 2843–2855 (2018)

    Article  MATH  Google Scholar 

  29. Xiao, R., Li, T., Ramesh, S., Han, J., Han, J.: MagTracer: detecting GPU cryptojacking attacks via magnetic leakage signals, pp. 1–15. ACM MobiCom (2023)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Central Florida, Orlando, USA

    Ayodeji Adeniran, Kieran Human & David Mohaisen

Authors
  1. Ayodeji Adeniran
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kieran Human
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. David Mohaisen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ayodeji Adeniran .

Editor information

Editors and Affiliations

  1. Sejong University, Seoul, Korea (Republic of)

    Jong-Hyouk Lee

  2. Kanazawa University, Kanazawa, Japan

    Keita Emura

  3. Gachon University, Seongnam, Korea (Republic of)

    Sokjoon Lee

Rights and permissions

Reprints and permissions

Copyright information

© 2025 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Adeniran, A., Human, K., Mohaisen, D. (2025). Dissecting the Infrastructure Used in Web-Based Cryptojacking: A Measurement Perspective. In: Lee, JH., Emura, K., Lee, S. (eds) Information Security Applications. WISA 2024. Lecture Notes in Computer Science, vol 15499. Springer, Singapore. https://doi.org/10.1007/978-981-96-1624-4_21

Download citation

  • DOI: https://doi.org/10.1007/978-981-96-1624-4_21

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-96-1623-7

  • Online ISBN: 978-981-96-1624-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics