Up to 'ONE BEEELLION' vid-stream gawpers toil in crypto-coin mines

Come for the free movies, stay to dig Monero for a stranger


Security experts claim four extremely popular video-streaming websites have been secretly loaded with crypto-currency-crafting code.

According to AdGuard, the massive Monero-mining operation was discovered when ad-blocking plugin developer was fine-tuning its ad blockers to catch and block sites that attempt to hijack web surfers' spare CPU cycles for mining.

"While analyzing the first complaints, we came across several VERY popular websites that secretly use the resources of users' devices for cryptocurrency mining," AdGuard cofounder Andrey Meshkov explained this week.

"According to SimilarWeb, these four sites register 992 million visits monthly. And the total monthly earnings from crypto-jacking, taking into account the current Monero rate, can reach $326,124.85."

AdGuard says the sites – openload, Streamango, Rapidvideo, and OnlineVideoConverter – are often linked for other pages as embedded players, increasing their reach over hundreds of millions of visitors.

"We doubt that all the owners of these sites are aware that the hidden mining has been built in to these players," noted Meshkov, meaning the servers may have been hacked to inject the mining code into browsers.

As with other mining schemes, the sites used Coinhive's software to silently generate Monero coins without users noticing anything other than a slowdown of their machine. AdGuard said it had updated its plugins to catch the activity. Other ad-blocking plugins and antivirus packages also kill Coin Hive's JavaScript code on sight.

The discovery is the latest in a huge wave of websites that are loading up (both with and without the operators' knowledge) alt-coin mining software to co-opt the compute cycles of visitors to help generate cryptocurrency.

With the value of digital currencies skyrocketing in recent weeks – Monero, for one, leapt from $90 to $300 apiece in about a month – covert methods of generating the crypto-wonga have become ever more popular. Earlier this week, for example, researchers found that a Wi-Fi operator in Argentina was compromised to load up coin-mining code in the browsers of machines connected to the public network.

"At the moment, the only real solution is to use an ad blocker, an antivirus or one of the specialized extensions to combat crypto-jacking. Unfortunately, not all users know about the problem or want to use such software," Meshkov said.

"The only way to completely close the issue of browser-based mining is to implement security mechanisms at the browser level." ®

Similar topics


Other stories you might like

  • Crypto market crashes on Celsius freeze, inflation news
    Not a good moment to look at that digi-coin portfolio, fam

    The cryptocurrency world is experiencing what can only be described as a meltdown, with prices plummeting today to lows not seen since the end of 2020.

    The plunge is likely due to several factors including general economic uncertainty as seen in the stock market, inflation, bearish conditions and loss of confidence in crypto-coins, and scared money and bots being spooked by whales selling.

    It definitely did not help that crypto-lending biz Celsius Network put a freeze on withdrawals, swaps, and transfers Sunday night. Soon after Bitcoin tumbled 10 percent, Ethereum lost 19 percent of its value, and fan-favorite Dogecoin shed nearly 15 percent of its value, or about $0.01, since then. 

    Continue reading
  • Bill Gates says NFTs '100% based on greater fool theory' amid crypto cataclysm
    Plus: Non-fungible tokens for dummies

    Comment Microsoft co-founder Bill Gates has declared that "expensive digital images of monkeys are going to improve the world immensely."

    He was joking, obviously, though considering Gates's supposed connection to microchips in vaccines, one can never be too careful. What he's talking about are non-fungible tokens (NFTs), which came up at a TechCrunch event in Berkeley, California, on Tuesday. Specifically the Bored Ape Yacht Club variety.

    You know those kids' books where the picture is divided into three (head, body, legs) so you can turn different sets of pages to get a different image? That's what the Bored Ape Yacht Club is for those willingly parted from large amounts of money for the right to stand next to a picture of a cartoon chimp.

    Continue reading
  • Japan lets its banks and other entities issue stablecoins
    Wants private coins to have face value in Yen by 2023

    Japan's parliament has passed legislation allowing Yen-linked stablecoin cryptocurrencies, thus becoming one of the first countries – and by far the largest economy – to regulate a form of non-fiat digital money.

    The regulations stipulate that only banks and other registered financial institutions – like money transfer agents and trust companies – can issue the alterna-cash. Intermediaries, or those who are responsible for the circulation of the currencies, will be required to adopt stricter anti-money-laundering measures. The rules also define stablecoins as digital money and guarantee face value redemption.

    Japan's Financial Services Agency (FSA) floated this regime in a March 2021 proposal. Parliamentary assent for the proposal means it will come into effect in 2023. The regulations will apply to domestic financial institutions as well as foreign operations that target Japanese users. The research material supporting the decision relied heavily on trends in the US and Europe.

    Continue reading

Biting the hand that feeds IT © 1998–2022