Over the past few months there has been an alarming rise in the number of websites running code that silently joyrides computers and secretly makes them mine digital currency for miscreants.
For example, DNS provider ZoneEdit was running Coin Hive code on 324 parked web domains: on Monday this week, the biz coughed up to the sneaky inclusion and removed the code. Las Vegas ladies of the night were also mining crypto-currency on punters' PCs. A Colombian government agency's site was also hijacked to covertly craft coins. A parody website was even created to "warm" your MacBook as winter approaches: obviously, it was running a miner.
Let's get ready to grumble! UFC secretly choke slams browsers with Monero miners
While a few sites chose to deliberately run Coin Hive – such as ZoneEdit and the Pirate Bay – the number of websites unwittingly running the code, inserted by persons unknown, is much higher. We've already seen organizations fromUFC toCBS Showtime running Coin Hive inadvertently, and this latest scan shows Papa John's Pizza in Mexico and the US National Association of Doctors are harvesting Monero, neither of which are likely to have installed it deliberately. Papa John's in Ecuadorwas also pwned to run Coin Hive code on its site.
In addition it appears that many of these mining operations are being run by one person. Mursch found that one “Mohammad Khezri” of Iran seems to be controlling a vast number of mining operations spread across many domains to maximize returns.
Naturally not many people are wild about contributing their power and CPU cycles to make other people money, and security software and some ad blockers actively shut down Coin Hive's code when it is loaded into browsers. The miner's programmers are fine with that, and have stopped developing the software in favor of AuthedMine , which asks permission before getting mining – however, the original sneaky code is still the go-to miner of choice for online crims.
The best of the rest
There are alternatives, such as JSECoin .
In the meantime, Mursch has put in a request to Google engineers to add some kind of blocking code into Chrome that can block coin miners. While there's nothing wrong with informed use of coin mining software – it is supposed to be an alternative way for webmasters to earn money besides adverts – the quickly increasing scale of the problem suggests that such blocking measures will have to be taken in browsers to curb the menace of these CPU-cycle thieves. ®