
Adblockers are trying to prevent people from accidentally helping criminals mine cryptocurrencies like bitcoin. Malicious code running in the background of thousands of webpages can hijack a visitor’s computing power to generate cryptocurrency in a process called cryptojacking. There is no sure-fire way to avoid cryptojacking, but blacklists managed by adblockers should keep you away from the worst culprits.
Around found on websites is modified from something produced by the German company Coinhive. Their business model is that instead of websites bombarding visitors with adverts, they could mine a small amount of the cryptocurrency Monero, known for its high levels of anonymity. The websites get an income, which Coinhive gets a 30 per cent cut of, and the visitors get ad-free browsing.
However, although Coinhive asks users before nabbing their processing power, hackers are secretly placing a variant of the code that doesn’t onto thousands of different websites. This means anyone who visits those websites ends up unwittingly generating cryptocurrency for the hacker who snuck in the code. It’s not just desktop PCs and laptops that are susceptible. Anywhere Javascript can be run – including mobile phones and servers – can be a target.
Advertisement
And cryptojacking isn’t confined to the seedier corners of the internet. Official government websites, including two Ukrainian ministerial sites and the website of the president of Bangladesh, have all been hacked with cryptojacking code. Neither the website owner or the visitor make any profit, only the hacker does. In total the malicious code has been found running on at least 36,000 websites, and in 291 Android apps, according to recent analyses by Robert Baptiste, a researcher from French security company fsociety and Troy Mursch, who runs Bad Packets Report, a computer security website.
On the blacklist
In total, cryptojacking an estimated $150,000 per month. “Once it’s placed on a website, anyone on any device with a web browser that visits that site immediately starts mining,” says Mursch.
It’s not obvious when a computer has been affected, but people may recognise the symptoms of their processing power being diverted: laptop fans start spinning faster and mobile phones get hot, for example. One phone Mursch tested Coinhive on got so warm the screen became unsealed from the device.
A Coinhive spokesperson says the code being used for nefarious means was “not affiliated with Coinhive in any way”. And they hope the technology will be adopted through legitimate means. Coinhive has 120,000 accounts registered on its legitimate version, a third of which have been active in the past week. “We believe the web is slowly learning how to best embed cryptominers without annoying their users”.
Users can protect themselves from cryptojacking by repurposing the humble adblocker. As well as blocking ads, these programs keep a list of blacklisted websites known to host cryptojacking code and can warn users before they visit them. “Adblockers have always been adblockers in name, but really they have been used by users for a number of different reasons,” says Ben Williams of Adblock Plus.
We are likely to see cryptojacking for years yet, says Williams: “It’s a new phenomenon and I don’t think it will stop.”