This article is more than 1 year old
Coinhive crypto-jacking increasingly pops up in top 3 million websites
Not even ordering pizza is safe from the browser crypto-mining scourge
A total of 2,531 of the top 3 million websites (1 in 1,000) are running the Coin Hive miner, according to new stats from analytics firm Red Volcano.
BitTorrent sites and the like were the main offenders but the batch also included the Ecuadorian Papa John's Pizza website [see source code].
Coin Hive launched a service this year that allowed mining of a digital currency called Monero directly within a web browser. The simplicity of the Coin Hive integration made the approach successful but partly due to several initial oversights – most notably through a failure to enforce an opt-in process to establish user consent – the technology has been widely abused.
Drive-by mining is the new drive-by downloading [source: Malwarebytes white paper]
US and Spain top the list of countries most impacted by drive-by mining [source: Malwarebytes]
Instances of crypto-mining code on webpages or buried within rogue smartphone apps keep rolling in.
Security vendor Ixia warns two games on the Google Play store, Puzzle and Reward Digger, by AK Games are actively mining cryptocurrency from thousands of infected Android mobile phones.
Android cryptocurrency mining malware can be quite lucrative for cybercriminals. For instance, total profits earned on one specific Magicoin wallet are equal to $1,150 at current exchange rates, according to Ixia's report. This makes cryptominers the next generation of adware software, Ixia concluded.
Elsewhere Netskope discovered a Coin Hive miner installed as a plugin on a tutorial webpage for Microsoft Office 365 OneDrive for Business. The offending website – https://www.sky-future[.]net – removed the Coin Hive plugin after it was notified about the issue. "The tutorial webpage hosted on the website was saved to the cloud and then shared within an organisation," according to Netskope.
Microsoft told El Reg that its "security software detects and blocks this application." Ad blockers and antivirus programs have also added features that block browser mining but few security watchers think this alone will bring the issue to heel. The opportunity to coin in cryptocurrency by enslaving the machines of others is just too tempting for unscrupulous websites and black hats. ®