Home The Current Internet Rage: Websites Mining Crypto-currency

The Current Internet Rage: Websites Mining Crypto-currency

It seems that one can never browse the net safely. The moment you are connected to the internet, your safety is at risk. In comes “Coinhive”, a crypto currency mining service/software, which many cyber security firms have declared as the top malicious threat to web users. Coinhive is a crypto currency mining service, which is implemented in a website by installing a small amount of computer code. This code once run, tends to use up all the computing power of any browser that visits the website, in an attempt to use the visiting machine for mining Monero cryptocurrency.

Monero is slightly different from Bitcoin in the sense that Monero transactions are virtually untraceable. It is stated to be quite difficult for a third party to track Monero transactions between two persons. Making it the ultimate choice for cyber criminals. It all started with Coinhive releasing its mining code last year to web site owners as a source of earning money without having to run irritating advertisements on their site. However, this very soon became a security breach because the code started getting installed on hacked web sites, without the owner knowing about it. Once a user visits an infected website, the Coinhive code locks up the user’s browser and drains the devices battery in the process of mining Monero coins, this continues to happen as long as the user is browsing the site.

As of today there are approximately 22031 websites running Coinhive’s JavaScript miner code; though it is not necessary that each of these sites have installed the code intentionally. Another development that has happened over a period of time is the fact that it has started appearing at a variety of places depending on the ingenuity of the hacker. One of the most interesting implementations were seen in a Starbucks store in Buenos Aires, Argentina. The Wi-Fi network of the store had been modified in such a manner that any user trying to browse through the network would receive the web page embedded with Coinhive miner code. Another interesting deployment was seen in the GitHub site, wherein the miner code loaded from GitHub repositories inside legitimate websites via hidden iframes. This is not a new method for malware delivery, but a first as far as in-browser mining script delivery is concerned.Coinhive, was also reportedly discovered on the BlackBerry Mobile website. It was placed there by hackers who exploited a vulnerability in the site's e-commerce software that allowed them to anonymously mine cryptocurrency every time the website was viewed.

Now coming to the business model. What does Coinhive get out of all this?In step one, Coinhive distributes the codefor cryptocurrency miningfree to all web site owners. In step two, whenever any user browses the site, the crypto currency mining software uses the computational power of the user’s desktop PC / laptop for mining of crypto currency transactions. In step three, Coinhive keeps 30% of whatever amount of Monero cryptocurrency that is mined, whether or not a Web site has given consent to run it. The code is tied to a special cryptographic key that identifies which user account is to receive the other 70%. Whenever anybody complains about any specific deployment, they terminate the key.Itdoesn’t stop the malicious JavaScript from running, the only difference is that now Coinhive keeps 100% of the mined currency.

For the purpose of looking legitimate, Coinhive also has a version of its code called “AuthedMine”, Thisversion of the code is designed to ask a web site visitor for their permission for running the Monero mining scripts. However, as per cyber security firm Malwarebytes, this version of the software is hardly used. As per telemetry data provided by Malwarebytes, AuthedMine is used in a little more than one percent of all cases that involve Coinhive’s mining code.

Coinhive version: Coinhive feels that it has introduced a legitimate way for website owners to earn revenue, wherein they replace advertisements with cryptocurrency code. They also suggest it as a way to generate in-game currency for online games. Quoting the developers, “We believe that in-browser mining could become a viable alternative to micro payments. Users pay with their CPU time and electricity in exchange for contents or services.”

The mobile industry is also not safe. Hackers have been targeting mobile users for cryptocurrency mining since 2014. Android users in particular should refrain from downloading and installing apps from untrusted app stores, and should only rely on Google Play or other genuine app stores for their app requirements. Though, in the past a lot of shady apps have made it into Google Play, but at the end of the day Google does endeavor to find and remove them.

References
  1. https://publicwww.com/websites/%22coinhive.min.js%22/
  2. https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/
  3. https://www.bleepingcomputer.com/news/security/cryptojackers-found-on-starbucks-wifi-network-github-pirate-streaming-sites/
  4. Sophos : CoinMiner and other malicious cryptominers targeting Android
Previous Article
Debashish Bose
Senior Fellow
Contact at: [email protected]

Read more
Share
  • Facebook Comment
  • Post Your Comment
(Case Sensitive)
Article Search
More Articles by Debashis...
Catalan Independence : Russian Bullseye
# 1848 December 23, 2017
Cloud Maturity for Defence Forces: Amazo
# 1841 December 14, 2017
Was It "BrickerBot"? The Never Ending S
# 1820 November 13, 2017
THE KASPERSKY FIASCO : THE WAY FORWARD
# 1815 November 03, 2017
more-btn
Books
  • Space Security : Emerging Technologies and Trends
    By Puneet Bhalla
    Price Rs.980
    View Detail
  • Securing India's Borders: Challenge and Policy Options
    By Gautam Das
    Price Rs.
    View Detail
  • China, Japan, and Senkaku Islands: Conflict in the East China Sea Amid an American Shadow
    By Dr Monika Chansoria
    Price Rs.980
    View Detail
  • Increasing Efficiency in Defence Acquisitions in the Army: Training, Staffing and Organisational Initiatives
    By Ganapathy Vanchinathan
    Price Rs.340
    View Detail
  • In Quest of Freedom : The War of 1971
    By Maj Gen Ian Cardozo
    Price Rs.399
    View Detail
  • Changing Demographics in India's Northeast and Its Impact on Security
    By Ashwani Gupta
    Price Rs.Rs.340
    View Detail
  • Creating Best Value Options in Defence Procurement
    By Sanjay Sethi
    Price Rs.Rs.480
    View Detail
  • Brave Men of War: Tales of Valour 1965
    By Lt Col Rohit Agarwal (Retd)
    Price Rs.320
    View Detail
  • 1965 Turning The Tide; How India Won The War
    By Nitin A Gokhale
    Price Rs.320
    View Detail
  • Indian Military and Network-Centric Warfare
    By Prakash Katoch
    Price Rs.895
    View Detail
more-btn