The rise of Bitcoin (or is it the rise and fall, then rise) is driving investors looking for the next big thing in investment crazy. All ethics have been thrown out of the window. There is little miners will not do, as long as the end justifies the means. Thus the explosion of cryptojacking, which is spreading far and wide across the internet.
Cryptojacking, in case you haven’t gotten the flow yet, is the act embedding JavaScript components into websites to leverage on the visiting device’s processing power. In a nutshell, cryptojacking is simply high jacking the visiting device’s CPU for mining cryptocurrency, (popularly referred to as mining monero).
An individual visitor to a site might mine just a tiny bit while they are visiting a certain website, but when you add up the total number of visitors over time. The site’s visitors will have lent their CPU’s to mining quite a considerable amount of monero for the site.
The worst part about it is, more often than not, the visitors don’t have any clue their device is being used to mine moneros for the website they are visiting. Though they will experience their device’s CPU clocking at a higher rate than necessary; it takes a keen user to notice.
Theoretically, it is a win-win situation for both the site visitor and the site owner. The visitor gets access to content online for free, while the site owner gets to rake in money (in form of bitcoins) and thus able to sustain the website and content. However in practice, it is not a win-win situation. The visitors are getting raw deal.
The miners are not being ethical in their approach; they do not inform the visitor that to browse the site, their device CPU will be used to mine moneros for the site owner. Thus by continuing to browse, the visitor is deemed to have given consent to their device CPU being used. As it is, the site owners are simply cyprojacking the devices without the visitors consent or knowledge.
Cryptojacking is becoming rampant
The unethical act of cryptojacking is spreading like wild fire across the internet. All thanks to the ‘in browser miners’ like Coinhive. Their lack of ethics and the fact that they are using up people’s device and electricity bill without explicit permission has prompted malware scanners and ad-blockers to start blocking them. However, not all antimalware scanners and ad-blockers out there do provide that function leaving most people unknowingly affected and unprotected.
“There was a steady increase in CoinHive usage through late November and early December, presumably driven by the surge in cryptocurrency valuations. It’s hard to guess the motivation of an unknown website operator, but based on an analysis of our detection data for the month of November, most coinmining sites were doing it on purpose, and a significant majority were taking all the CPU they could get,” says Paul Ducklin, a senior technologist at the security firm Sophos.