• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Cryptojacking: Over 2,500 Websites Out There to Steal Your CPU Time

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
37,696 (8.52/day)
Location
Hyderabad, India
Processor AMD Ryzen 7 2700X
Motherboard ASUS ROG Strix B450-E Gaming
Cooling AMD Wraith Prism
Memory 2x 16GB Corsair Vengeance LPX DDR4-3000
Video Card(s) AMD Radeon RX 5700 XT
Storage Western Digital Black NVMe 512GB
Display(s) Samsung U28D590 28-inch 4K UHD
Case Corsair Carbide 100R
Audio Device(s) Creative Sound Blaster Recon3D PCIe
Power Supply Antec EarthWatts Pro Gold 750W
Mouse Razer Abyssus
Keyboard Microsoft Sidewinder X4
Software Windows 10 Pro
Cryptojacking is a new phenomenon, which was popularized by ThePirateBay embedding its website with a Javascript-based crypto-currency miner. It quickly sprung up the debate on whether crypto-currency miners hidden into web-pages could become the revenue model of the future, replacing online advertising or paid subscriptions. Some commentators argue that it's fine as long as users are made sufficiently aware that a website is embedding a miner, and is presented with a choice between ads and the miner. Others were steadfast against the idea as heavy Internet browsing (across multiple tabs), could bring down computers to a crawl, and have a more than tangible impact on electricity bills.

According to an ArsTechnica report, there could be at least 2,500 websites out there, with embedded crypto-currency miners that are hidden from the users. Willem de Groot, an independent cybersecurity researcher told the publication that he estimates JS miners may have proliferated to 2,496 websites, and its adoption is on the rise. Some dishonest websites embed miners as a revenue source in addition to ads and sponsored content. At the heart of the controversy is Coinhive. This company sells easy-to-integrate crypto-currency miners that can be embedded into websites as a revenue source. The company is on a marketing overdrive, writing to siteops and bloggers to spread their miners.



The softest targets of Coinhive appear to be Wordpress blogs that are struggling to make money off cheap ads. This is a troubling trend because blogs that don't disclose running embedded miners risk reducing the credibility of the blogging platform they're based on (Wordpress, Blogger) as a whole, readers would avoid emerging blogs as they'd fear running into hidden miners.

Making matters worse, neither Google, nor Mozilla, have come up with anti-miner measures built into Chrome or Firefox. Ad-block Plus, the popular browser extension that disables web ads, introduced a feature that disables scripts that exhibit mining behavior, with a nascent degree of heuristics. You can also install this Chrome extension to weed-out Coinhive scripts. The more experienced users among you can edit your Hosts file to nullroute Coinhive. Popular anti-virus vendors such as Kaspersky and McAfee, which include anti-phishing features with their software, have set out to identify and block sites with embedded miners.

View at TechPowerUp Main Site
 
Joined
Mar 6, 2012
Messages
501 (0.18/day)
Processor i5 4670K - @ 4.8GHZ core
Motherboard MSI Z87 G43
Cooling Thermalright Ultra-120 *(Modded to fit on this motherboard)
Memory 16GB 2400MHZ
Video Card(s) HD7970 GHZ edition Sapphire
Storage Samsung 120GB 850 EVO & 4X 2TB HDD (Seagate)
Display(s) 42" Panasonice LED TV @120Hz
Case Corsair 200R
Audio Device(s) Xfi Xtreme Music with Hyper X Core
Power Supply Cooler Master 700 Watts
How about you block the domain coinhive.com from your firewall ? Or just block in your OS ? Will that not help ?

EDIT: Never mind, found out anti mining extension for chrome.
 
Last edited:
Joined
Jul 16, 2014
Messages
3,175 (1.62/day)
Location
SE Michigan
System Name Dumbass
Processor AMD-9370BE @4.6
Motherboard ASUS SABERTOOTH 990FX R2.0 +SB950
Cooling CM Nepton 280L
Memory G.Skill Sniper 16gb DDR3 2400
Video Card(s) GreenTeam 1080 Gaming X 8GB
Storage C:\SSD (240GB), D:\Seagate (2TB), E:\Western Digital (1TB)
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Logitech G700s
Keyboard Logitech G910 Orion Spark
Software windows 10
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
so is there an actual list of websites that have been caught mining?
 
Joined
Dec 14, 2016
Messages
129 (0.12/day)
upon recent reddit threat (don't ask me where exactly) I switched from ABP to uBlock and never encounter any chrome tab using high CPU load since TBP announcement.
Plus it is more efficient against cunt sites that blocks ad-block users and all site that phishing for tracking user activity.
 
Joined
Mar 26, 2006
Messages
492 (0.10/day)
Location
Stamford, UK
System Name The Money Sink
Processor Intel i7-5960X at 4.60Ghz
Motherboard MSI X99A Godlike
Cooling Custom watercooling loop, single D5 -> CPU, dual D5 -> GPU's
Memory 64GB DDR4-3000
Video Card(s) 2 x 1080Ti @ Stock for the moment (40oC LOAD)
Storage 960GB Mushkin Scorpion Deluxe and 2 x 512GB M.2 SSD RAID0
Display(s) Dual Curved LG 34" Display
Power Supply EVGA 1600W G2
Software Windows 10
Benchmark Scores ALOT
I don't really get it, I would MUCH rather do this than have ads thrown at me left, right and center!
 

SARVAMANGALAM

New Member
Joined
May 30, 2017
Messages
23 (0.03/day)
This "earning" is everywhere.. just in slovakia they find over 250 web . s.
first find was catch on infamous "msm" server
dennikn.sk
And informed about this on safe news web server DSL.sk, 27.9.2017 : http://www.dsl.sk/article.php?article=20260
http://www.dsl.sk/article.php?article=20354&title= DSL.sk, 22.10.2017

http://www.dsl.sk/article.php?article=20264


use yandex to translate

I recommend for all always use the anti-crypto add in your browser + antivir just like addblocks is now in browsers for years ..
 
Last edited:
Joined
May 4, 2012
Messages
969 (0.35/day)
Location
Ireland
System Name SilentIO
Processor AMD Ryzen 5 2600X
Motherboard Asus TUF B450M-Pro Gaming
Cooling Corsair H60
Memory 2x8GB Corsair Vengeance LP @3400 CL16
Video Card(s) MSI GTX 1070 Gaming
Storage 2x Samsung 840 EVO 120GB in Raid0, Samsung 960 PRO 1TB
Display(s) Qnix QX2710 Evolution II Matte 27 @120Hz
Case Cooler Master Silencio 352
Audio Device(s) SoundBlaster e5 + Kingston HyperX Cloud II / Logitech Z333 + Blue Snowball
Power Supply Corsair CX500M
Mouse Corsair Scimitar
Keyboard Corsair K65
Software Windows 10 Pro x64, Xubuntu 19.04
I don't really get it, I would MUCH rather do this than have ads thrown at me left, right and center!
There are many scenarios where you’d rather see ads than mine crypto currency.

-Some of these scripts can use up all 100% of CPU resources.
-There are lots of slow machines that actually need all CPU power just to display 720p video content.
-People that keep 50 tabs open in their browsers.
-Gaming while you have browser with couple of tabs open.

The idea is quite good but people must be aware of that and should have an option to stop/pause it.
 
Joined
May 29, 2012
Messages
475 (0.17/day)
System Name The Cube
Processor i7 - 4770K @ 4.2GHz
Motherboard ASUS Maximum VI Hero
Cooling Corsair H110 w/ 2x Cougar Vortex 140mm Fans
Memory 32GB G.Skill Z-series @ 2133Mhz
Video Card(s) 2 x EVGA GTX 1070 FTW
Storage 1 x 256GB Samsung 840 Pro, 1 x 512GB Samsung 850 EVO & 2 x 2TB WD BLACK RAID 0
Display(s) Alienware AW3418DW
Case Corsair Carbide Air 540
Power Supply Seasonic PRIME 1000W Titanium
Software Windows 10 Pro 64-bit
Joined
Jan 31, 2012
Messages
1,821 (0.64/day)
Location
Bulgaria
System Name Sandfiller
Processor I3-7100
Motherboard Asus PRIME Z270-P
Cooling Noctua NH-L9i
Memory 2 x 8GB Cruicial 2400 mhz DDR4 CL17
Video Card(s) RX 580 4GB NITRO+
Storage Cruicial M.2 275GB drive + WD black 500 GB + WD Blue 640 GB
Display(s) 2560x1080 LG 29"
Case TT URBAN R31
Audio Device(s) Creative Sound Blaster Z
Power Supply Fractal Design IntegraM 650W
Mouse Logitech G602
Keyboard Dell Somethin wireless
Software Windows 10 x 64 bits
I don't really get it, I would MUCH rather do this than have ads thrown at me left, right and center!
Ahahaha. You made me LoL :)

Ontopic: I have "Family shield" DNS on the router + uBlock + paid license for BitDefender Internet Security + Malwarebytes Free, which I fire up from time to time. No 3rd party mining on my RIG. On a side note the paid version of bitdefender seems worse to me than the free version.
 
Joined
Aug 2, 2012
Messages
566 (0.21/day)
Location
Netherlands
System Name TheDeeGee's PC
Processor Intel Core i7 4770K
Motherboard Gigabyte Z87X-UD5H
Cooling Noctua NH-U14S
Memory Crucial Ballistix Tactical LP 16GB
Video Card(s) MSI GTX 1070 AERO OC
Storage Crucial M4 256GB, 2x Western Digital 1TB 2,5"
Display(s) EIZO CX240
Case Antec P280
Audio Device(s) Creative SoundBlaster ZxR
Power Supply Seasonic P-760
Mouse Logitech G500s
Keyboard Logitech G710+
Software Windows 10 Pro 64-Bit
If you use ublock origin you can also subscribe to the "Resource Abuse" filter list and not have to install another third party browser extension.
Just noticed that filter, it's enabled by default it seems :)

Good stuff!
 
Joined
Oct 2, 2004
Messages
13,791 (2.49/day)
I've also asked developers of Ghostery if they plan including crypto miners into their block lists. Still waiting for response.
 
Joined
Mar 9, 2009
Messages
227 (0.06/day)
Location
Denmark
Processor Intel I7 4790k
Motherboard MSI Z87 - G45
Cooling Noctua NH-D15S
Memory 16gb 1600mhz (2000mhz OC)
Video Card(s) Gigabyte GTX 1080
Storage 750gb + 256gb ssd, 2TB HDD
Display(s) Samsung C24fg70 144hz
Case Fractal Design Define C
Audio Device(s) Motherboard, Realtek
Power Supply CM Silent Pro M1000
Mouse Roccat Kone XTD
Keyboard HyperX Alloy FPS Mechanical Gaming Keyboard
Software Windows 10 x64
Thanks m8.
While on the topic of extensions, do you know of any extension to block web pages from "bypassing" an adblock? :p I got adblock Origin but some sites tell me to disable it to view the content :c..
 
Joined
Oct 2, 2004
Messages
13,791 (2.49/day)
Thanks m8.
While on the topic of extensions, do you know of any extension to block web pages from "bypassing" an adblock? :p I got adblock Origin but some sites tell me to disable it to view the content :c..
uBlock has "Anti AdBlock" rules. Enable "Adblock Warning Removal list" and "Anti AdBlock Killer". Though some pages will still complain...
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
27,970 (6.18/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Mining botnet
 
Joined
Feb 9, 2009
Messages
1,564 (0.40/day)
There are many scenarios where you’d rather see ads than mine crypto currency.

-Some of these scripts can use up all 100% of CPU resources.
-There are lots of slow machines that actually need all CPU power just to display 720p video content.
-People that keep 50 tabs open in their browsers.
-Gaming while you have browser with couple of tabs open.

The idea is quite good but people must be aware of that and should have an option to stop/pause it.
can we get some benchmarks? i'm not sure if (modern browser) JS is capable of low cpu priority or any other relevant checks

-chrome/ium was adding some javascript background tab throttle feature, did that come out?
-does coinhive stuff scale across multiple cores?
-is it only running on the active tab? (that would be nice of them, it's possible since they gave a responsibility message a few weeks ago, i havent tested, consider how ads are only seen on the active tab so it makes sense)
-there are many one click methods to block ads or mining, meaning the situation hasnt changed much, the user still has tons of control, so in that case mining can be considered nicer & something many people may choose to temporarily not block or whitelist on certain sites or time periods
 
Top