Yoav Vilner

@YoavVilner

Are You Mining for Bitcoins Without Your Consent?

At the start of 2018, barely a day goes by without another cryptocurrency story making the headlines.

Anyone who takes the time to delve into the blockchain technology that lies behind all the hype will realize that this is tech that’s here to stay. Whether applied to finance, security, or healthcare, the encrypted nature of blockchain technology is astonishing, and a little bit scary.

Recently, however, the technology got a little out of control and some 500,000,000 (yes, that’s half a billion…) users may have had their computer processors hijacked for cryptocurrency mining.

Cryptojacking

The new kid on the malware block is called cryptojacking. This is a process whereby adware and spyware programs morph into the hijacking of a computer or mobile phone microprocessor with the sole purpose of using it to perform cryptocurrency mining operations. These are complex algorithms that require intense processing brainpower.

In addition, they make the hijacked computers operate at full capacity which results in high electricity consumption. These cryptojackers are therefore not only stealing the processing capabilities of your device, but they also have the cheek to make you pay for the electricity bill! The actual damage is triggered by unsuspecting users visiting affected websites which initiates JavaScript procedures that affect and access endpoint devices.

Chief Culprit

One of the main culprits of this enterprise is a program called Coinhive, which is used to mine the cryptocurrency Monero. Market watchers were able to track this code by watching load spiking and other anomalous behaviors. In addition to the covert crypto mining, some cryptojacking programs also managed to steal cryptocurrency wallets that contained valuable cryptocurrency portfolios.

The Pirate Bay (TPB), one of the most renowned online torrent file-sharing websites was found using the Coinhive application to raise funds for its own website. In its defense, the site’s owners claimed that they were trying to switch from adverts that nobody wanted to sucking processing power from their user base.

Unfortunately for TPB, they failed to disclose their activities to their users and were caught in a compromising position.

Coffee Break

Another incidence of online cryptomining theft was highlighted by Noah Dinkin, the Chief Executive of email provider Stensul who noticed some unusual delays when surfing in Starbucks, his favorite coffee shop. Dinkin shot of the following Tweet to the coffee chain’s head office:

Starbucks responded immediately, confirming that they had blocked the offending site, stating that they were in no way complicit in the same type of questionable activity in which TPB had voluntarily participated.

Profitable Business

A study commissioned by the company behind ad-blocking program Adguard, discovered that websites deploying CoinHive had made approximately 43,000 USD during the three-week testing period, which is a huge sum considering the minimal risk run by the cryptojackers themselves.

The study analyzed over 100,000 top Internet sites and found that more than 200 sites had been affected by Coin Hive and other cryptojacking programs like JSEcoin. With the main target countries being the US, India, Russia, and Brazil, it is clear this is a truly global phenomenon. Some of the other sites affected include Showtime, Politifact, and the website of the UFC as well as video sites such as RapidVideo, OnlineVideoConverter, and Openload.

Help is at Hand

One of the great things about the Internet is that no sooner has some mischievous activity been uncovered than someone else arrives on the scene with a solution.

So, if you’ve noticed any slower than normal performance on your laptop or cellphone, or if you’ve encountered mysterious delays on certain websites, you too might be the victim of a cryptojacker. However, there are many tools out there that can help you defeat cryptojackers. One of them is a Chrome browser add-in called No Coin.

This app blocks any illicit activity that would turn your computer or smartphone into a cryptomining factory. The well-known anti-malware program AdBlock is also capable of blocking these dastardly diggers. To deploy AdBlock, go to your list of extensions, find AdBlock and click ‘Options’. Then click the ‘Customize’ tab at the top of the page, click ‘Block an ad by its URL’, and enter this string.

This action will stop Coinhive dead in its tracks. AdBlock and No Coin are just the tip of the iceberg. It is always better to be safe than sorry, so it is best to arm yourself with the most recent security tools. If you don’t know where to start looking, you can always rely on reviews sites like this, or this one.

While most Internet users will be thoroughly annoyed at the idea of someone stealing their computer or smartphone’s processing power, there’s no question that this process is quite impressive. Nobody would have dreamed of such an activity even 12 months ago.

Fortunately, there is a defense, but many people who are unaware that they’ve been cryptojacked will be helping cyber criminals to steal their money. For this reason, it is important to expose this activity to the wider community where it can be mitigated and ultimately stopped.

More by Yoav Vilner

Topics of interest

More Related Stories