18067909587
工作日 9:00-19:00
Mining a cryptocurrency can be an expensive business. Producing new coins, also known as tokens, can require computers to solve cryptographic puzzles, which takes large amounts of power. One way to keep costs down is to relocate mines to wherever electricity is cheapest. Cheaper still is having others foot the bill. An unsuspecting organisation's power can be hijacked by stacking computers in a crawlspace or storage room, for example. Such operations, however, are regularly discovered, and culprits risk penalties and confiscated kit.
开采加密货币成本高昂。 生成新币(也称为代币)可能需要计算机解决复杂的密码学谜题,而这需要消耗大量电力。 降低成本的其中一种方法是将矿场迁移至电价最低的地区。 而更“划算”的方式则是让别人来承担这笔费用。 例如,有人会在毫不知情的机构中,将计算机堆放在狭小空间或储藏室里,从而窃取其电力。 然而,此类行为通常很快就会被发现,作案者将面临处罚,设备也会被没收。

A less risky and more scalable approach is to steal power by remotely sneaking crypto-mining software onto other people's computers. Crypto-jacking, as this trick is known, is booming. Over the course of 2025, instances jumped by about 20%, according to a note in November from GreyNoise, an American security firm. Victims take quite a hit. A study published in 2022 by Sysdig, a security company based in San Francisco, estimates that every dollar in crypto thus generated costs victims an average of $53 in computing expenses.
有一种风险更低、更具可扩展性的方法,即通过远程将加密货币挖矿软件偷偷植入他人计算机来窃取算力。 这种手段被称为“加密劫持”,如今正日益猖獗。 美国安全公司GreyNoise在2025年11月的一份报告中指出,全年加密劫持事件激增了约20%。 受害者损失惨重。 旧金山安全公司Sysdig在2022年发布的一项研究显示,加密货币挖矿者每赚取1美元,受害者平均需承担53美元的计算成本。
Part of the surge is due to the high value of cryptocurrencies in recent years (although there has been a drop in 2026). The barriers to crypto-jacking are also relatively low. The requisite software is readily obtained from underground web forums, says a specialist with Interpol's cybercrime unit in Singapore who required anonymity to comment on operations. And installing such software on computers is less challenging than stealing data, or, in the case of ransomware, holding it hostage. The upshot is that crypto-jacking shows no sign of going away.
加密劫持事件激增的部分原因在于近年来加密货币价值高企(尽管2026年有所下跌)。 此外,实施加密劫持的门槛也相对较低。 国际刑警组织新加坡网络犯罪部门的一位匿名专家表示,相关软件很容易从地下网络论坛获取。 而且,在计算机上安装此类软件比窃取数据或勒索软件劫持数据要容易得多。 因此,加密劫持现象短期内不会消失。
Among the most useful tools in crypto-jackers' arsenal are web-crawling bots. These packets of codes sniff out computers with security settings that are weak or which have not been changed since purchase. Many such bots are now roaming cyberspace, tipping off their masters when opportunities are spotted. Advanced artificial-intelligence models could, in theory, help identify additional targets, but Michael Clark, head of threat research at Sysdig, believes their edge over existing bots is not large enough to justify the expense.
加密劫持者最常用的工具之一是网络爬虫机器人。 这些代码包能够搜寻安全设置薄弱或购买后未更改设置的计算机。 如今,许多此类机器人在网络空间中四处游荡,一旦发现可乘之机便会向幕后主使报告。 理论上,先进的人工智能模型可以帮助识别更多目标,但Sysdig威胁研究主管迈克尔·克拉克认为,与现有机器人相比,其优势尚不足以抵消成本。
When vulnerabilities are found, crypto-jackers are often among the first to exploit them. Corporate computers rendered vulnerable by a configuration error are often commandeered within an hour, says Mr Clark. Servers are particularly attractive targets. They are always on, and surges in traffic are common. Also, because servers act as data-processing hubs for other computers, crypto-jacking software can often replicate itself on the network's spokes.
一旦发现漏洞,加密劫持者往往是最先利用它们的人。 克拉克表示,因配置错误而存在漏洞的企业计算机,通常在一小时内就会被劫持。 服务器是极具吸引力的目标。 它们始终处于运行状态,且流量激增的情况十分常见。 此外,由于服务器是其他计算机的数据处理中心,加密劫持软件通常能够在网络分支中自我复制。
Another way crypto-jackers can access computers is by finding login credentials unwittingly posted online. GitHub, a massive online repository of code, is a good place to look. And if a bot cannot find a server password, it might be able to guess it. In January 2025 it emerged that one such "password-spray attack" allowed crypto-jacking software to be run on servers rented by USAID, an American government agency, at a cost of nearly $500,000.
加密劫持者获取计算机访问权限的另一种方式是查找无意中发布到网上的登录凭证。 代码托管平台GitHub是一个理想的搜寻场所。 如果机器人无法找到服务器密码,它或许能够猜出密码。 2025年1月有消息称,一起“密码喷洒攻击”事件导致美国国际开发署(USAID)租用的服务器被植入加密劫持软件,造成近50万美元的损失。
Even bigger scams have come to light. In 2024 Ukrainian police, helped by Europol, arrested a man in Mykolaiv alleged to have used password-cracking software to mine cryptocurrency worth nearly $2m over the course of two years. On August 15th 2025 America's Department of Justice announced that a Nebraska man had crypto-jacked nearly $1m in tokens while simultaneously running up more than $3.5m in cloud-computing fees for his victims. He was sentenced to a year in prison.
更严重的诈骗事件也浮出水面。 2024年,在欧洲刑警组织的协助下,乌克兰警方在尼古拉耶夫逮捕了一名男子,该男子涉嫌在两年内使用密码破解软件挖掘价值近200万美元的加密货币。 2025年8月15日,美国司法部宣布,一名内布拉斯加州男子通过加密劫持窃取了价值近100万美元的代币,同时给受害者造成了超过350万美元的云计算费用损失。 该男子被判处一年监禁。
In recent years personal laptops and mobile phones have replaced corporate servers as prime targets, says Alex Delamotte of SentinelOne, a security firm in Mountain View, California. She attributes this to the rising value of Monero, one of the relatively few cryptocurrencies that can be mined on personal devices.
加州山景城安全公司SentinelOne的亚历克斯·德拉莫特表示,近年来,个人笔记本电脑和手机已取代企业服务器成为主要目标。 她将此归因于门罗币(Monero)等少数可在个人设备上开采的加密货币价值上升。
Individuals are also likely to be softer targets than outfits with a dedicated cybersecurity team. Scripts used for crypto-jacking—a list that includes Crypto-Loot, Minr and XMRig—can be illicitly embedded in email attachments, free apps, online "malvertisements" and even web browsers. When unsuspecting users click or visit, parasitic code invisibly deploys, often bypassing antivirus protection. In July c/side, a security firm in San Francisco, said it had discovered more than 3,500 websites infected with a stealthy crypto-jacking script it described as a "digital vampire".
与拥有专业网络安全团队的企业相比,个人也更容易成为攻击目标。 用于加密劫持的脚本(包括Crypto-Loot、Minr和XMRig等)可被非法嵌入电子邮件附件、免费应用程序、在线“恶意广告”甚至网页浏览器中。 当不知情的用户点击或访问时,寄生代码便会悄然部署,往往能绕过防病毒保护。 2025年7月,旧金山安全公司c/side表示,他们发现了3500多个感染了一种隐蔽的加密劫持脚本的网站,并将其描述为“数字吸血鬼”。
These problems continue to get worse, says the expert from Interpol. Crypto-jacking scripts are increasingly packaged as "fileless" code, which is much harder to spot when uploaded to a given device. Google tacitly acknowledged its inability to stamp out crypto-jacking on its cloud service when it introduced, in 2023, a programme to provide certain victims credits worth up to $1m for losses incurred over any 12-month period.
国际刑警组织的专家表示,这些问题仍在不断恶化。 加密劫持脚本越来越多地被打包为“无文件”代码,这种代码在上传到设备后更难被发现。 2023年,谷歌推出了一项计划,为特定受害者提供最高100万美元的信用额度,以补偿其在12个月内遭受的损失,这间接承认了其云服务无法根除加密劫持问题。
Security firms, however, aim to adapt. New forensic software packages analyse processing loads, data traffic and electricity usage, flagging spikes and other suspicious patterns. And heavyweights, Google and Microsoft included, are increasingly folding advanced AI models into such offerings. Some hope that these models will become experts at spotting crypto-jackers' tricks as well as—eventually—automatically deleting malicious code. Until the cryptocurrency bubble bursts, though, expect the arms race to continue.
然而,安全公司也在积极应对。 新型取证软件包通过分析处理负载、数据流量和用电量,标记异常峰值和其他可疑模式。 谷歌和微软等科技巨头也越来越多地将先进的人工智能模型融入此类产品中。 一些人希望,这些模型能够成为识别加密劫持者伎俩的专家,并最终自动删除恶意代码。 不过,在加密货币泡沫破裂之前,这场军备竞赛预计将持续下去。