Wednesday, November 8th 2017

Cryptojacking: Over 2,500 Websites Out There to Steal Your CPU Time

Cryptojacking is a new phenomenon, which was popularized by ThePirateBay embedding its website with a Javascript-based crypto-currency miner. It quickly sprung up the debate on whether crypto-currency miners hidden into web-pages could become the revenue model of the future, replacing online advertising or paid subscriptions. Some commentators argue that it's fine as long as users are made sufficiently aware that a website is embedding a miner, and is presented with a choice between ads and the miner. Others were steadfast against the idea as heavy Internet browsing (across multiple tabs), could bring down computers to a crawl, and have a more than tangible impact on electricity bills.

According to an ArsTechnica report, there could be at least 2,500 websites out there, with embedded crypto-currency miners that are hidden from the users. Willem de Groot, an independent cybersecurity researcher told the publication that he estimates JS miners may have proliferated to 2,496 websites, and its adoption is on the rise. Some dishonest websites embed miners as a revenue source in addition to ads and sponsored content. At the heart of the controversy is Coinhive. This company sells easy-to-integrate crypto-currency miners that can be embedded into websites as a revenue source. The company is on a marketing overdrive, writing to siteops and bloggers to spread their miners.
The softest targets of Coinhive appear to be Wordpress blogs that are struggling to make money off cheap ads. This is a troubling trend because blogs that don't disclose running embedded miners risk reducing the credibility of the blogging platform they're based on (Wordpress, Blogger) as a whole, readers would avoid emerging blogs as they'd fear running into hidden miners.

Making matters worse, neither Google, nor Mozilla, have come up with anti-miner measures built into Chrome or Firefox. Ad-block Plus, the popular browser extension that disables web ads, introduced a feature that disables scripts that exhibit mining behavior, with a nascent degree of heuristics. You can also install this Chrome extension to weed-out Coinhive scripts. The more experienced users among you can edit your Hosts file to nullroute Coinhive. Popular anti-virus vendors such as Kaspersky and McAfee, which include anti-phishing features with their software, have set out to identify and block sites with embedded miners.Source: ArsTechnica
Add your own comment

19 Comments on Cryptojacking: Over 2,500 Websites Out There to Steal Your CPU Time

#1
jigar2speed
How about you block the domain coinhive.com from your firewall ? Or just block in your OS ? Will that not help ?

EDIT: Never mind, found out anti mining extension for chrome.
Posted on Reply
#2
DeathtoGnomes
so is there an actual list of websites that have been caught mining?
Posted on Reply
#4
HimymCZe
upon recent reddit threat (don't ask me where exactly) I switched from ABP to uBlock and never encounter any chrome tab using high CPU load since TBP announcement.
Plus it is more efficient against cunt sites that blocks ad-block users and all site that phishing for tracking user activity.
Posted on Reply
#5
Exceededgoku
I don't really get it, I would MUCH rather do this than have ads thrown at me left, right and center!
Posted on Reply
#6
SARVAMANGALAM
This "earning" is everywhere.. just in slovakia they find over 250 web . s.
first find was catch on infamous "msm" server
dennikn.sk
And informed about this on safe news web server DSL.sk, 27.9.2017 : http://www.dsl.sk/article.php?article=20260
http://www.dsl.sk/article.php?article=20354&title= DSL.sk, 22.10.2017

http://www.dsl.sk/article.php?article=20264


use yandex to translate

I recommend for all always use the anti-crypto add in your browser + antivir just like addblocks is now in browsers for years ..
Posted on Reply
#7
FYFI13
Exceededgoku said:
I don't really get it, I would MUCH rather do this than have ads thrown at me left, right and center!
There are many scenarios where you’d rather see ads than mine crypto currency.

-Some of these scripts can use up all 100% of CPU resources.
-There are lots of slow machines that actually need all CPU power just to display 720p video content.
-People that keep 50 tabs open in their browsers.
-Gaming while you have browser with couple of tabs open.

The idea is quite good but people must be aware of that and should have an option to stop/pause it.
Posted on Reply
#8
RejZoR
Exceededgoku said:
I don't really get it, I would MUCH rather do this than have ads thrown at me left, right and center!
Yeah, same. But when I get properly notified about it and gives me a decision whether I want to run it or not. Or at least notify me and I'll decide to stay on the webpage or never ever return again...
Posted on Reply
#11
lZKoce
Exceededgoku said:
I don't really get it, I would MUCH rather do this than have ads thrown at me left, right and center!
Ahahaha. You made me LoL :)

Ontopic: I have "Family shield" DNS on the router + uBlock + paid license for BitDefender Internet Security + Malwarebytes Free, which I fire up from time to time. No 3rd party mining on my RIG. On a side note the paid version of bitdefender seems worse to me than the free version.
Posted on Reply
#12
TheDeeGee
Solidstate89 said:
If you use ublock origin you can also subscribe to the "Resource Abuse" filter list and not have to install another third party browser extension.
Just noticed that filter, it's enabled by default it seems :)

Good stuff!
Posted on Reply
#13
RejZoR
I've also asked developers of Ghostery if they plan including crypto miners into their block lists. Still waiting for response.
Posted on Reply
#14
Kofoed
RejZoR said:
Mining Blocker (Opera & Firefox)
https://addons.opera.com/en/extensions/details/mining-blocker/
https://addons.mozilla.org/en-US/firefox/addon/miningblocker/

Antiminer (Chrome)
https://chrome.google.com/webstore/detail/antiminer-no-1-coin-miner/abgnbkcdbiafipllamhhmikhgjolhdaf
Thanks m8.
While on the topic of extensions, do you know of any extension to block web pages from "bypassing" an adblock? :P I got adblock Origin but some sites tell me to disable it to view the content :c..
Posted on Reply
#15
RejZoR
Kofoed said:
Thanks m8.
While on the topic of extensions, do you know of any extension to block web pages from "bypassing" an adblock? :p I got adblock Origin but some sites tell me to disable it to view the content :c..
uBlock has "Anti AdBlock" rules. Enable "Adblock Warning Removal list" and "Anti AdBlock Killer". Though some pages will still complain...
Posted on Reply
#17
zlobby
RejZoR said:
I've also asked developers of Ghostery if they plan including crypto miners into their block lists. Still waiting for response.
I suggest you drop ghoosery asap.
Posted on Reply
#18
RejZoR
Ghostery confirmed they already block some and more miner "bots" are planned to be blocked.
Posted on Reply
#19
kn00tcn
FYFI13 said:
There are many scenarios where you’d rather see ads than mine crypto currency.

-Some of these scripts can use up all 100% of CPU resources.
-There are lots of slow machines that actually need all CPU power just to display 720p video content.
-People that keep 50 tabs open in their browsers.
-Gaming while you have browser with couple of tabs open.

The idea is quite good but people must be aware of that and should have an option to stop/pause it.
can we get some benchmarks? i'm not sure if (modern browser) JS is capable of low cpu priority or any other relevant checks

-chrome/ium was adding some javascript background tab throttle feature, did that come out?
-does coinhive stuff scale across multiple cores?
-is it only running on the active tab? (that would be nice of them, it's possible since they gave a responsibility message a few weeks ago, i havent tested, consider how ads are only seen on the active tab so it makes sense)
-there are many one click methods to block ads or mining, meaning the situation hasnt changed much, the user still has tons of control, so in that case mining can be considered nicer & something many people may choose to temporarily not block or whitelist on certain sites or time periods
Posted on Reply
Add your own comment