It bleeds off computing resources, putting them to work for the miners who control the software, working for them to solve complex cryptographic puzzles which generate revenue for the hackers. However, that's not much of a direct threat. As such, relatively few resources are put toward dealing with such infections. They simply tend to be given a lower priority.
That's almost certainly a mistake for a couple of different reasons:
First, the amount of computing power this type of malware eats up can be quite severe. In some cases, it utilizes up to fifty percent of the infecting computer's processing power, which as you might expect, can dramatically impact system performance.
Second, and more troubling and problematic, is that the mining software establishes a beachhead on your network. Once any type of mining software is installed and running on a target system, it's in communication with the hackers' command and control server. Anytime the hackers choose to, they can use that connection to install more damaging malware on the target system, including keyloggers, scrapers, ransomware and the like.
Even worse, hackers can use their toehold inside your network to infect any other device that the initially infected PC is connected to on your network, which means that very quickly, you could go from having a single infected PC to having a network wide problem that can bring your company to its knees.
The bottom line is simply this: Cryptojacking may not appear overly dangerous on the surface, but if they're not dealt with quickly and decisively, they could open the door to much more significant issues. Make sure your IT staff is giving these types of infections the attention they deserve.