Cryptojacking has Grown in Popularity

“Free” websites are free because they display ads to generate revenue, but some website owners are forgoing ads for crypto-miners that are loaded into your browser without your knowledge or consent. Cryptojacking began with less than reputable websites such as The Pirate Bay and phishing websites, but that is slowing changing.Cryptojacking is becoming more mainstream, and as a result, more people are at risk of having their system resources stolen. The most popular cryptocurrency for browser mining is Monero, and coincidently Monero is beginning to be the hackers choice for payment from victims.

Mining cryptocurrency involves computers (miners) that validate transactions on the currency blockchain through performing complex calculations to solve a math problem and is rewarded by being given a varying amount of the currency based on computing power (hashes a second). The blockchain is a ledger that is distributed across thousands of computers (miners) that provides a way to store information that is validated (mining) with high availability because of it’s distributed nature.

Some notable websites that loaded crypto-miners into your browser are Showtime, Politifact, and the Ultimate Fighting Championships’ pay-per-view site.

CoinHive is the most popular developer of cryptojacking scripts and takes 30% of what is mined. CoinHive advertises their browser miner as a private and secure way to get paid instead of displaying “shady” ads.

Security researcher Willem de Groot published his findings on how many sites use cryptojacking scripts on November 7th, 2017.

cryptojacking

Willem found 2,496 e-commerce sites that use CoinHive scripts and 80% of the 2,496 sites also contained payment skimming malware. CoinHive requires a unique ID for reporting and authentication, and 85% of infected e-commerce stores used one of two of those unique IDs. A Malwarebytes report for October reveals that their software blocked 8 million cryptojacking attempts a day.

The US ranks #1 in cryptojacking attempts at 32% of the total attempts worldwide.

The best way to protect yourself is by using a third-party ad blocker plugin or use the Opera browser that has built-in protections for cryptojacking.

Source: Willem, makeuseof