Is Your Web Browser Mining Bitcoin Right Now?

Andrew Hamilton

Those other tabs you’ve got open right now could be harnessing your CPU to mine crypto-currencies.

The rise of Bitcoin and other ‘crypto-assets’ has prompted hackers to ‘hijack’ people’s browsers and use their computational power, security experts have warned. Palo Alto Networks’ Intelligence Centre has outlined how hackers are abusing a browser-mining service named Coinhive by injecting the application’s JavaScript code into legitimate sites, which then uses visitors’ CPU time to mine currency. But when DIGIT reached out to leaders in crypto-currency security, we were told that the development was to be expected.

Greig Paul, a Researcher in Electronic and Electrical Engineering at Strathclyde University, told DIGIT: “Crypto-currency mining happens everywhere, including the UK. Mining itself is completely legal, and is effectively just having your computer do lots of maths sums over and over again.

“Since the process is highly computationally intensive, and there is potential for a financial reward (of crypto-currency) if you are successful in mining a block – there is an incentive to mine a block.”

Part of a long-running trend

Paul continued: “This is not at all surprising. In fact, Bitcoin mining within the web browser isn’t a new trend. As early as December 2013, Quartz ran an article to discuss and demonstrate Bitcoin, featuring (optional) mining within the web page itself. Users could click a button and mine, and Quartz would be the recipient of any mining rewards. This was done with user consent to demonstrate a proof of concept, but it shows that this is not a particularly surprising development.”

Earlier this month, Palo Alto Networks’ Intelligence Centre revealed that it had found Coinhive running on almost 150 pornographic and video- and file-sharing websites to mine the crypto-currency Monero. According to PAN’s report, these sites, when accessed by users, utilised the visitors’ computational power to carry out mining tasks and reward malicious parties with coins. The activities are being attributed to the rise in value of Bitcoin, the world’s most recognised crypto-currency, now valued at £4,270 per coin.

Simon Taylor, Co-founder of 11:FS and Blockchain Practice Lead, told DIGIT: “Malware isn’t new. Historically, it has been stealing your data and slowing your laptop down through performing ‘DDOS’ attacks. The injection attacks used on torrent websites and others are a fairly common route used by hackers to generate money.”

Paul claimed that these incidents will not be deterred by regulation as the activity is illegal in the first instance, and is likely of international origin. Paul told DIGIT that security companies would simply have to remain vigilant, and that websites would have to be willing to accept assistance when threats are detected. He also suggested surfers download a ‘mining blocker’ for their browser, an extension designed to block mining scripts.

An Alternative to Advertising?

Taylor went further and explained that the activities, however malicious, actually highlight some exciting possibilities for browser-mining. Taylor told DIGIT: “What I like about this is that it’s actually a new revenue model for the internet if you look at ad-blocking/paywalls and the general difficulty mainstream media has had transitioning to digital. Moving away from ad-revenue and moving into paying through spare CPU cycles is a really neat business model.

“Now imagine this in emerging markets where there is limited infrastructure – where people could pay for content by mining a currency. I find the concept intriguing even if the first notable use is not exactly noble.”

Official discussions

The incident has prompted discussions at Google as to whether extra browser-protections are needed. “Yes, we should do something about it,” wrote Ojan Vafai, a Chrome Engineer on the browser’s official discussion forums.

Vafai suggested ‘aggressively throttling’ the activity of Chrome on purpose if malicious processes are detected. This in theory would constrict the amount of power that a hijacked website would consume from a visitor’s CPU. The visitor would also be notified, putting the onus on them to leave the website until it is clean again.

“I’m effectively suggesting we add a permission here, but it would have unusual triggering conditions,” he said. “It only triggers when the page is doing a likely bad thing.”

Taylor reiterated that the activity of browser-mining in itself is not an illegal activity. For those wishing to use their CPUs to mine for a good cause, Taylor recommends online charity Donate Your Tab, which allows users to do just that.

Andrew Hamilton

PR & Content Executive at Hutchinson Networks
