Get yourself a crypto tee or surprise a crypto enthusiast in your life with our festive Coin Bureau Merch!
Coinhive Miner Proliferating
5 min read

Coinhive Miner Proliferating Exponentially

By Editorial Team

Launched on the 14 of September, Coinhive is a relatively new website JavaScript plugin that garnered some interest from the cryptocurrency community. However, over the past month, it has grown at a near exponential rate and is mining vasts amounts of Monero for those who are using it legitimately or otherwise.

It has been discovered on sites such as the Piratebay, CBS ShowTime and a number of other streaming websites. Some of these are been done by the actual webmasters themselves while others are exploiting vulnerabilities in well-known websites in order to make money with them in an elicit fashion.

This is not the first time that miners have used malware to mine crytpocurrency from unsuspecting users. It was recently discovered by Kaspersky security labs that hackers had spread windows exploits that mined Monero on a user’s PC in the background.

What is Coinhive?

Coinhive Monero Miner WebsiteFor those who have not heard about it, Coinhive is a JavaScript library that someone can insert into their websites code. It is then programmed to self-execute in the browser of the user and will utilise their CPU to crunch some numbers on the Monero blockchain.

Although many may look at it as a potentially malicious script, it does have legitimate users and was developed explicitly for that purpose. Instead of these sites having to rely on advertising revenue that could hamper user experience, Coinhive allows the users to contribute to the site through processing power.

For example, the Pirate bay which is a large torrent site, made use of the miner in a test session. This was unfortunately short lived as many users complained about their browsers being used for the benefit of the webmaster. This seemed to have got the ball rolling though.

Next came the news the CBS Showtime brand’s website had the curious miner embedded in its code. This was quite suspicious as many people believed CBS would not have implemented this as it would hamper user experience. However, the SetThrottle in the code on ShowTime was set at 0.97 which implies that it only mines 3% of the time. This is not the usual MO of a cyber-criminal.

Using Coinhive on a site can indeed be quite a profitable venture. For example, a recent analysis has concluded that a site with the traffic such as Pirate Bay is likely to make about 12k a month from the mining.

Yet, any innovation no matter the intent could eventually be used for the benefit of cyber criminals and this is exactly what happened in this case as the code spread to all corners of the hacking community.

Exponential Growth

Coinhive Threat Warning AVGAs hackers have realised the potential of the miner, so has it cropped up in a number of other locations. For example, it has been located in the source code of a chrome plugin. This would allow the hackers to mine from the users every time they are using their chrome browser.

Hackers have also used chameleon domains in order to trick the users. For example, they would register a domain such as facebooc.com or the like which looks like the original site. Once users enter this domain they are taking to the fake site which runs the script. Of course, this is only for a short period of time as the user will eventually bounce.

However, if the hacker was to create a number of different chameleon domains like this then they are likely to be able to mine a large amount of Monero across a range of different sites.

Of course, why should a hacker create their own domain when they can merely hack existing websites with a great deal of traffic. This has happened as reports by Sucuri.net have discovered sites with the popular WordPress and Magento CMSs that have been hacked and the code inserted.

These scripts could also be used for a number of adware campaigns as the hackers have realised that users are becoming increasingly immune to these ads. Hence, they could make much more if they just load the ads with the JavaScript plugin and let it tick away in the background.

How to Avoid it

You would be pleased to know that a few ad blocking plugins are now beginning to realise the threat posed by JavaScript miners and have started to actively block the script from executing. For example, AdBlock plus is able to recognise the script in the background.

There are also a number of browser plugins that have been developed solely for the purpose of blocking the miners. These include such plugins as MinerBlock and Antiminer.

The Subtle Threat

Although the cybercrime that makes the headlines are the ones that tend to scare, they are sometimes less effective as those that attempt to go under the radar. This is exactly what malware mining scripts are designed to do.

Moreover, because they go unnoticed for a relatively long period of time, people do not report them and hence remove them. This means more profit for the miner. Even though coinhive was developed as an alternative method for site fundraising, it has been exploited.

As a user, if you are able to install the right preventative measures on your browser then you are likely to counter the threat (at least for now).

Featured Image via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Related Posts

FTX Exchange
Withdrawals not Halted at FTX: Instead Binance will Buy FTX
FTX Exchange

Withdrawals not Halted at FTX: Instead Binance will Buy FTX

November 9th, 2022 3 min read
OKX invests in WAX
OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX
OKX invests in WAX

OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX

June 3, 2022 2 min read
Binance partners with the weekend
Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour
Binance partners with the weekend

Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour

June 3, 2022 2 min read
21Shares Releases Sixth State of Crypto Report
21Shares Releases Sixth State of Crypto Report: Summary
21Shares Releases Sixth State of Crypto Report

21Shares Releases Sixth State of Crypto Report: Summary

June 2, 2022 3 min read
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

June 2, 2022 2 min read
Regulators are “Not Allowing” Banks to Engage with Crypto
Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto
Regulators are “Not Allowing” Banks to Engage with Crypto

Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto

June 1, 2022 2 min read
US Conference of Mayors Introduces Blockchain Resolution
US Conference of Mayors Introduces Blockchain Resolution
US Conference of Mayors Introduces Blockchain Resolution

US Conference of Mayors Introduces Blockchain Resolution

June 1, 2022 2 min read