Get trading recommendations and read the analysis on Hacked.com for only $ 39 a month
The author, David Balaban, is a researcher in computer security with more than 15 years of experience in the malware analysis and evaluation of antivirus software.
Coinhive The first browser-based cryptocurrency project becomes a source of revenue for Internet criminals. Its evolution is rapidly evolving from the monetization of website traffic to a workflow that crypto-crooks benefit from.
The design is unique and intelligent. Good game! Coinhive developers claim that it's the best replacement for annoying ads. All he needs is access to the CPU of the device. Web sites raise funds while their visitors benefit from ad-free browsing.
Shortly after the release of the application, the Pirate Bay hosted it for a while. As visitor comments were not welcome, Pirate Bay is rid of the novelty.
Another explanation suggests that approval was in place, but only for the test mode. This theory seems more likely. SetThrottle estimates that Coinhive operated only 3% of the time. In the case of a hack, this ratio would certainly be higher. The alleged intruder would realize the risk of being detected, so try to get as much as possible as soon as possible.
The latest estimate reveals that the top 100 websites such as Pirate Bay can earn XMR 27.5 per month, or about $ 12,000 . Since Pirate Bay is among the 100 most visited sites, while the Showtime is only at the end of the top 10 000, the latter would earn much less than the previous one.
Good intentions open the way to hell. The design of Coinhive is not a crime, but the miner follows the sad path of a number of other useful solutions exploited by crooks. In less than a week after developers introduced their Monero product, cyber criminals have incorporated it widely and deeply into their scams.
Moreover, miners also practice URL hijacking. For example, hackers have registered a typo-squatted Twitter Twitter site, Twitter.com.com (more active). If you enter Twitter this way, your browser should launch the Monero-mining page instead of the real Twitter. Needless to say, you will not keep the page open, but even a short visit contributes to the activity of minors. Finally, a number of deceptive websites can generate decent income for their holder.
Experts predict that the integration of Monero into the adware is only a matter of time. Most likely, crooks have to integrate it into browser hijackers. There is virtually no obstacle that would prevent adware developers from modifying the original payload of their infections to include background exploration with the Coinhive script.
The Coinhive version is available for anyone who wants to wet. Its developers claim that they assume no responsibility as to how the application should be used. Hackers do not care either to abuse the minor in any way possible.
The public has already called Coinhive mining a crypto-jacking because of its embezzlement of browsers for unauthorized mining purposes.
Computer security is preparing to deal with large-scale encryption campaigns. Major anti-adware editors blacklisted the Coinhive almost immediately after its release.
Other web developers have come up with a pair of dedicated solutions. AntiMiner and minerBlock examine the Chrome process and detect and kill any mining activity.
Great News as WannaCry and Other Ransomware CCleaner and Equifax hacks have already scored this year for computer security, but mining for Monero and other coins is very likely to overtake the current hacking. Adware is readily available to support the mining scam.
Malware research laboratories report having observed more than 1.5 million devices affected by mining applications. The report covers only the first half of this year and only 100% of confirmed cases. Cryptocurrency miners are also landing more and more on corporate networks.
Coinhive developers are proud to admit that their tool is much more popular than they could ever dream of, but their dreams come true in a clumsy, if not ugly way. Hackers misuse the solution and combine it with malware.