Evolving trends in cryptomining malware: a systematic literature review
摘要
The rise of ‘cryptojacking’ – the covert use of victim resources for unauthorised cryptocurrency mining – has become a significant cyber threat since the introduction of Bitcoin. Such cryptomining malware secretly hijacks a user’s computational power to generate cryptocurrency without their knowledge or consent, leading to reduced and/or degraded performance at the victim’s expense. This paper presents a systematic literature review of 119 articles tracing the evolution of cryptomining malware, past trends in their dissemination and detection, security recommendations, and anticipated future developments. We specifically highlight the dual impact of this threat, which targets not only individual users on devices like IoT, mobile phones, and cloud infrastructures, but also critical national infrastructure, large corporate networks, and high-traffic websites. Our analysis reveals that the threat landscape, which significantly expanded around 2017, continues to grow steadily. Additionally, we systematically identify and discuss detection methods – such as network traffic analysis, CPU utilization monitoring, and machine learning classifiers – as well as security recommendations like browser extensions, patch management, and network-level blocking. Our findings highlight the urgent need for a unified, multi-stakeholder security strategy to mitigate this pervasive and adaptable threat.