Sunday, 15 October 2017

Hundreds Of websites mining cryptocurrency without user consent






Previously it was reported that torrent search platform The Pirate Bay and other popular siteshave been using visitor PCs to mine cryptocurrency and new reports have revealed that these are not the only websites that are exploiting our PCs but hundreds of websites are mining cryptocurrency without notifying the users.

Bitcoin or Monero are some types of cryptocurrencies that can be mined and received through computation. When a site that is mining cryptocurrency is visited, there is a surprising surge in the CPU usage, which can prove to be beneficial for website owners because when a large number of PCs donates their powers, the mining is successful in earning revenues.

The report published by Adguard states that within merely weeks since the revelation about The Pirate Bay, there is an astounding increment in sites that mine cryptocurrencies through PCs of their site’s visitors.

Reportedly, 0.22% of the top 100,000 sites on Alexa List are discovered to be mining cryptocurrency, which means about 220 sites are involved in mining while the average of visitors on these sites is nearly 500 million and this audience arrive from various parts of the world from the USA and Europe to Asia and South America. While JSEcoin and CoinHive are the two most common and popular scripts that are employed to acquire cryptocurrency.

Adguard explains that around $43,000 have been raked in by these domains without any expenditure and within only three weeks. Reports also reveal that The Pirate Bay made $12,000 per month through cryptocurrency as the traffic flow is quite heavy on its domain.

It is worth noting that most of the websites that are using miners are not as reliable and come from the blurry background. These include torrent search sites, pornographic sites, domains that host pirated content and similar other sites.

As per the analysis of Adguard, websites having “shady reputation” are involved in browser mining; these sites otherwise find it difficult to make money through standard advertising practices, therefore, they use such tactics. Sites offering video-based content are most likely to generate income through mining more than any other.

However, if handled appropriately, mining of cryptocurrency has immense potential as many users would agree to lend their CPUs so that they could get rid of annoying ads; but consent of users must be given importance. Domain operators need to respect end users and seek permission. Without user consent, domain operators are putting their reputation at risk, which might prove to be detrimental to their image in the long run.

CoinHive released the following statement after learning about the mining scheme used by websites:


“We’re a bit saddened to see that some of our customers integrate CoinHive into their pages without disclosing to their users what’s going on, let alone asking for their permission. We believe there’s so much more potential for our solution, but we have to be respectful to our end users.”

Remember that adblockers will block these scripts and it is on developers of cryptocurrency mining scripts and domain operators to transform this scheme into a reliable alternative to advertising.


“Providing a real alternative to ads and users who block them turned out to be a much harder problem. CoinHive, too, is now blocked by many ad-block browser extensions, which — we have to admit — is reasonable at this point,” stated CoinHive rep.

0 comments:

Post a Comment

Popular Posts


Types of SQL Injection

SQL injection is a code injection method, used to attack data-driven applications. This vulnerability allows a hacker to submit crafte...

Blog Archive