The Coinjackers Are Coming To Get You – Websites Using Your CPU To Mine Crypto Without Permission

Laptop getting hotter than usual? You may be mining crypto for somebody else

Everyone simply wants to get the gold, or rather cryptocurrency, some do it in a way that is in line with the markets and beneficial to the community. Others do it by means that may not be so beneficial to you. What do we speak of? You might be mining for someone else and you might not even know it! Yes, what we speak of is, somewhat unthinkable, you’re doing the work and other people are getting coins from your computing power? It is very much a possibility and you should be aware.

Many popular sites have been reportedly affected by the code that allows the user who’s placed it on their site to use your computer to cryptomine for them. When you visit the affected sites, the host is mining cryptocurrency on your processing power without your permission. One of the most recent websites has been the UFC site, which was found to be mining Monero at their readers expense. The thing about the code that enables the one who has placed to utilize your computer to mine is that It can be placed in ads or pretty much anything. If the site used a plug-in loading stuff from another domain, that could be the access point. The culprit in UFC’s case was Coin Hive’s JavaScript code that silently ran on their site.

Yet, the issue is that it might only have been reported on a couple of websites but the problem might be much more widespread. The Co-Founder and Head of Security at Byte.nl, Willem De Groot, a web host in the Netherlands with more than 6,500 domains – published a blog post about the matter. The blog post was detailed a Gitlab that presented a much larger phenomenon, there were at least 2,496 e-commerce websites running CoinHive’s Monero mining script.  

De Groot does not believe that many of these sites are not placing this code on their sites to be able to mine cryptocurrency, he believes that the problem lies with hackers and that they are the one’s who should be held responsible and accountable for their deeds. His findings show that about 85 percent of the sites that run the script were connected to two CoinHive accounts. Proving that it is very possible that this act was conducted by hackers.

De Groot stumbled on this phenomenon while doing some online shopping and noticed that something strange was going with his computer. Suddenly, his laptop computer was getting hot, he couldn’t understand why it was getting hot and did some investigating. He states “I was sitting on the couch doing some shopping online, and then my laptop got hot. I dove into it and looked through our crawlers, which look for malware around the clock on the cached front pages of many sites. We were quickly able to see how many instances of this particular software were running. There are about 30,000 websites running it now, and the large part of it is ‘gray area’ sites—adult, illegal software, etc. I was surprised with the number of shops and other legitimate sites that are also running it,”

What can be done to protect yourself?

Simply make sure that you have an antivirus software installed on your computer and that you’re utilising ad blockers as well. Luckily many antivirus software programs bring up warnings before entering sites which use this kind of covert mining software. Apart from that there’s no way to know for sure without knowing what you’re looking for, yet!

Hopefully as the cryptocurrency world matures, solutions will be brought about to warn, prevent or even make the process beneficial for you too!

By | 2017-11-16T20:37:33+00:00 November 16th, 2017|News|0 Comments

Leave A Comment