Press "Enter" to skip to content

Cryptojacking: When Your Computer Is Secretly Mining Cryptoassets

 What is cryptojacking?

The introduction of internet has made it easy for individuals especially the millennials to access everything that they need. It has made us believe in the fairytale where we can access everything for free. A lot of “free” apps and websites claim that their service free, but there is always a cost, even though it is invisible: For instance, in the free websites there are many ads and cookies that collect your data. Now, there’s a new way to make money from you: Some of the websites take advantage and make profits by using your computer to generate cryptocurrencies, or virtual currencies, a process which is called cryptojacking. Several popular file sharing websites and video streaming services are now using cryptojacking to make money. Examples include: Openload, Streamango, Rapidvideo and OnlineVideoConverter. These websites are loading a mining JavaScript software onto visitors’ computers, making them generate virtual currencies and specifically, the cryptocurrency Monero. The reason for using Monero is that it’s way easier and faster to mine Monero comparing to Bitcoin, and it’s also untraceable, making it easier to for hackers get away with cryptojacking. Unlike Bitcoin, mining Monero doesn’t require ASICs (Application-Specific Integrated Circuits), and can be done with any GPU or CPU.

Cryptojacking is the secret use of computer devices to mine cryptocurrency

Cryptojacking is the secret use of computer devices to mine cryptocurrency. It is achieved through secretly installing a software on users’ computers that unknowingly mines cryptocurrency. There is no need for an installation process like before. When the user downloads the video player to stream a video, the mining software is loaded into the users’ browser and starts the mining process. Some of the sites which have been affected include UFC live-streams, CBS Showtime, and some of the official government websites in Bangladesh and Moldova.

Who is Responsible for Cryptojacking?

Coinhive, a new player in the crypto market, offered to mine the digital currency Monero using a unique method. They offered a unique code, written in JavaScript, which would integrate into the websites’ platforms. They offered website owners the option to remove ads from their websites. Through that, they believed that they would achieve two primary goals: First, offering ad-free experience for website users: most online users find online advertisements annoying. Second, online businesses are losing customers and visitors because of the ads. Hence, the introduction of cryptojacking would help them to bypass the ads and have a new source of revenue.

This is from the Coinhive’s website:

“Coinhive offers a JavaScript miner for the Monero Blockchain that you can embed in your website. Your users run the miner directly in their Browser and mine XMR for you in turn for an ad-free experience, in-game currency or whatever incentives you can come up with.”

How it Works

Initially, cryptojacking was occurring when the users were unknowingly installing a program that secretly mined the cryptocurrency. However, more recently, the cryptojacking uses JavaScript on a website to mine digital cash. Since JavaScript runs on almost every website, the JavaScript code is responsible for in-browser mining, and it does not need to be installed. There is no immediate way to tell whether a page has a hidden mining component and one may not easily notice the difference in performance. But someone can hijack your digital devices for digital profit.

Consequences of Cryptojacking

Cryptojacking uses the device’s CPU in its operations. Instead of the CPU being used at 10 – 15% of the total usage, it will exhibit extreme percentages of up to 80 percent. That means the performance of other devices is significantly affected and ordinary tasks usually take longer to complete. Coinhive’s JavaScript is compatible with all the platforms. Hence it can affect both Mac OS and MS Windows as well as Androids. Cryptojacking slows the operation of the user when visiting any of the websites.

Pros of Cryptojacking

There has always been an argument that cryptojacking should be viewed as a legitimate mode of monetization that could help prospective website owners to do well with ads which disrupt the operation of their website. The original authors of the code did not have any malicious intent. They only made it for website and browser extensions to monetize websites. That is why later they developed the AutheMine which required permission from the website owner before any impact on the website. Cryptojacking offers advertisement-free user experience, and offers services which are paid with their mining power.

How to Protect Yourself

The cryptocurrencies are not created by the central bank like the regular money; they are mined or generated by computers solving complex equations. Hence, websites have to employ strategies to avoid cryptojacking. Coinhive advises the websites that deploys it that they are supposed to inform users that they are being cryptojacked. The JavaScript can run on the computer without users realizing or having a way to opt out. If one needs to prevent their computer from being cryptojacked, they will need a software tool which looks at the code as it runs such as an ad-blocker. However, you may also feel that allowing the computer ads to run could be a better alternative.  

Additionally, Coinhive has advised many websites to inform the users for the presence of JavaScript. However, most websites do not do that. Thus, in this case, you are supposed to install an Anti-Webinar program as a precaution measure to warn you in case your computer is being used for third-party purposes you have not authorized.  

 

Although cryptojacking can be viewed as an excellent alternative to deal with the annoying ads, there are several consequences which are stated above that one should consider.

Source: scientificamerican.com

Please follow and like us:

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *