Photo via BTC Keychain/Flickr (CC-BY)
You may be helping hackers create free money.
If you experienced a sudden drop of performance when visiting Politifact on Friday, it was most likely because the popular fact-checking website was fast busy taxing your computer’s resources to make money—and no, you’re not getting a cut.
Hackers allegedly compromised the website and inflicted it with a cryptocurrency-mining script, a program that uses visitors’ CPU power to generate Monero, a digital currency like Bitcoin that professes anonymity.
The same script appeared on Showtime’s website late last month, though it was quickly removed after news broke on Twitter and several tech publications. Showtime never made it clear whether the script was added intentionally or was the result of their website being compromised. Pirate Bay intentionally experimented with the script but later removed it due to negative visitor feedback.
These are just a few of the increasing number of cases where the resources of computers like yours or mine have been hijacked to generate digital money without their owners’ consent. With the prices of cryptocurrencies steadily rising, plenty of people—including malicious hackers—are on the lookout to pad their wallets.
What is cryptocurrency mining?
While you can always buy cryptocurrencies on online exchanges, an alternative way to obtain them is to “mine” them, which will cost nothing if others are doing it for you.
Cryptocurrencies run on blockchain technology, a distributed ledger that exists on thousands of computers at the same time and obviates the need for middlemen and brokers such as banks and financial institutions. Records are stored on the ledger in blocks and are linked together through cryptographic equations, hence the name.
Before a new block is added to the blockchain, it has to be validated and verified through solving complicated mathematical problems. The process, called mining, requires a lot of computing power and ensures that no one can compromise the integrity of the system.
Anyone can become a miner by installing mining software and joining the network. The first miner to solve the equation gets to append the new block to the blockchain and be rewarded in cryptocurrencies and transaction fees.
Mining bitcoins requires huge amounts of computing power and requires specialized hardware available in large data centers. On the other hand, Monero, which was launched in 2014, can be mined with ordinary CPUs. Hackers can easily get involved by assembling a mining botnet, a network of computers infected with malware that enables cybercriminals to control them from afar.
How hackers are mining cryptocurrencies
Coinhive, the script used on the Showtime and Pirate Bay sites, was developed by a namesake company earlier this year and was introduced as “a viable alternative to intrusive and annoying ads that litter so many websites today.” It was also meant to address the rise of ad-blockers, which are hurting the bottom line of websites that rely on ads. The hosting website takes 70 percent of the proceeds and the rest goes to Coinhive. (The user naturally gets nothing.)
Given the inconspicuous way the script works, it has become a favorite money-making tool for hackers. In the past weeks, the script has popped up in numerous Google Chrome extensions and hacked WordPress and Magento websites.
Coinhive has expressed disappointment in the shady use of its tools and has promised to alter the script to obtain visitors’ consent before using their CPU for mining in the future. Meanwhile, several ad-blockers have added support to block Coinhive’s script.
However, Coinhive is not the only tool hackers are using to mine cryptocurrencies. Cryptocurrency mining malware and schemes have been around for several years. But the past months have seen a spike in mining activity, largely due to the rising price of cryptocurrencies.
Slovakian cybersecurity vendor ESET recently discovered a malware that exploits unpatched vulnerabilities in Windows Server 2003 machines to mine tens of thousands of dollars’ worth of Monero every month.
Kaspersky Labs reported that cryptocurrency-mining malware has targeted more than 1.65 million computers in the first eight months of 2017, an uptick compared to previous years. IBM’s X-Force security team has found a sixfold increase in cryptocurrency-mining attacks aimed at enterprise networks.
How to protect yourself against cryptocurrency miners
While cryptocurrency miners won’t steal your data or encrypt your files like other malware, they are annoying nonetheless and can negatively impact the performance of your computer. Here are several ways you can prevent hackers from lining their pockets with your CPU:
- Install an antivirus and keep it up to date: Most antivirus solutions detect and removing cryptocurrency mining tools as harmful software.
- Install an ad-blocker: If you’re using AdBlock Plus or AdGuard, both block Coinhive’s JS library.
- Install a cryptomining blocker extension on your browser: Developers have created Chrome extensions that scan your browser and terminate scripts that “look” like Coinhive. AntiMiner, No Coin, and minerBlock are three plugins that will help protect you against cryptocurrency miner scripts.