Cyber criminals shut down parts of the Web in October 2016 by attacking the computers that serve as the internet’s switchboard. Their weaponof choice? Poorly secured Web cameras and other internet-connected gadgets that have collectively come to be known as the Internet of Things (IoT). The attack created a minor panic among people trying to visit Sony PlayStation Network, Twitter, GitHub and Spotify’s Web sites, but it had little long-term effect on internet use or the hijacked devices. Less than two years later, however, security experts are sounding the alarm over a new and possibly more nefarious type of IoT attack that “cryptojacks” smart devices, surreptitiously stealing their computing power to help cyber criminals make digital money.