Increasing number of sites are using your CPU to mine cryptocurrency

Posted on Tuesday, Oct 31 2017 @ 11:15 CET by Thomas De Maesschalck
A month ago, The Pirate Bay made headlines as it was the first major website to experiment with cryptocurrency mining as a replacement for ads. This technique uses a JavaScript-based cryptocurrency mining service to harvest the CPU cycles of a visitor to mine cryptocurrency coins.

It's highly controversial and unfortunately it's now also abused by hackers to make an extra buck. First up, security firm Trend Micro made public that they've found several apps in the Google Play store that come with cryptocurrency mining capabilities. This makes smartphones run more slowly, and can cause them to overheat:
The efficacy of mobile devices to actually produce cryptocurrency in any meaningful amount is still doubtful. However, the effects on users of affected devices are clear: increased device wear and tear, reduced battery life, comparably slower performance.

Recently, we found that apps with malicious cryptocurrency mining capabilities on Google Play. These apps used dynamic JavaScript loading and native code injection to avoid detection. We detect these apps as ANDROIDOS_JSMINER and ANDROIDOS_CPUMINER.
Similarly, ARS Technica reports more and more websites are now serving crypto mining scripts. This is not always intentional as in many cases the script got injected by hackers:
Earlier this month, political fact-checking site was found hosting Coinhive scripts in a way that exhausted 100 percent of visitors computing resources. A PolitiFact official told Ars the incident occurred when "an unidentified hacker attached a crypto mining script to the PolitiFact code base being stored on a cloud-based server." The code has since been removed and was active only when people had a window open in their browser.
Popular overclocking website HWBOT suffered the same fate last weekend as the site's forum got hacked and injected with a cryptocurrency miner.

AdGuard recently stated they found crypto mining scripts on 220 of the Alexa top 100,000 list of most visited websites. So far it's still limited but it's likely to spread.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments