UPDATED 23:10 EDT / OCTOBER 15 2017

INFRA

Cryptomining hijacking goes mainstream, affecting up to 500M users

More and more sites are secretly hijacking the computer processing power of visitors to mine for cryotocurrency as a report over the weekend identified Politifact among the latest sites to be targeted.

Overall, according to one ad blocking company, the process is now so widespread that hundreds of millions of people now encounter dubious cryptomining scripts daily.

Politifact, a fact-checking site run by the Tampa Bay Times, was discovered to be using the Coin Hive JavaScript injection code. That first came to light in September in a report by TechCrunch, but the site has now removed the code “and is looking into how it got there.”

That news coincided with a report from AdGuard that claims that the spread of sites using cryptominers is ballooning. Some 220 of the top 100,000 websites online now using cryptomining JavaScript injections, with those sites earning $43,000 in cryptocurrency by running the code.

Coin Hive had been the only cryptomining code provider fingered in previous examples of cryptomining hijacking, but AdGuard also detected that three new companies have entered the fray: JSECoin, Crypto Loot and MineMyTraffic. The report claimed that cryptomining has gone “viral” and that about 500 million people may have been exposed to cryptomining code to date, with the figure likely continuing to rise.

Backing the same conclusions made by RiskIQ Inc. in its report on the rise of cryptomining late September, AdGuard noted that many of the sites using cryptomining code sit in the “gray zone,” mostly pirate TV and video sites, Torrent trackers and porn websites.

Unsurprisingly, not everyone is fond of the idea that websites should be serving code to visitors, without permission, that hijacks their computing power to mine for cryptocurrency. Earlier this month, content delivery network provider Cloudflare Inc. was the first major service provider to ban sites using cryptomining scripts, saying the code could be malware and therefore a breach of its terms and conditions.

Given the growing spread of the method, anyone who uses a web browser should be concerned at this point. So far ad blockers, such as Adblock Plus, offering cryptomining blocking built in, while Google Chrome users can also obtain an add-on to block them via this link.

Photo: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU