Abstract

The rapid expansion of cloud computing has made it a prime target for cryptojacking—a stealthy attack where unauthorized actors hijack cloud resources to mine cryptocurrency. These attacks degrade performance and inflict significant financial costs on organizations. This systematic literature review examines the evolving methodologies of cloud-based cryptojacking and evaluates the efficacy of AI-driven detection solutions. Based on a structured screening of 26 studies (yielding 16 primary studies), our findings indicate a shift in attacker strategies toward exploiting underlying infrastructure and container vulnerabilities. While AI models demonstrate high theoretical accuracy, practical deployment is hindered by high false-positive rates and the challenge of distinguishing malicious mining from legitimate, resource-intensive cloud workloads. We recommend the development of lightweight, multi-modal detection models to improve operational resilience.