Wednesday, March 21, 2018

Cryptocurrency Mining Haunts Browsers






Browser-based cryptocurrency mining makes a suprising come back to haunt visitors.

Browser-based cryptocurrency mining activity has once again exploded in the last few months of 2017 and it is still climbing in 2018. After many years of silence, the convict appears to be the launch of a new browser-based mining service in September 2017 by Coinhive. This service generally wraps everything up nicely in an easy-to-use package for website owners and has injected new life into an idea that was long thought as lost.
  • As said before browser based cryptocurrency mining isn't something new; it's been around since at least 2011.
  • A surge in the cryptocurrency market in 2017, as well as availability of coins that are mineable using home hardware and easy-to-use JavaScript APIs, has led to a torrent of malicious browser-based mining affecting many well-known and lesser-known websites.
  • Mobile devices have not been spared from cryptocurrency mining, as witnessed by a 34 % increase in the number of mobile apps incorporating cryptocurrency mining code.
Browser-based mining, as its name suggests, is a method of cryptocurrency mining that happens inside a browser and is implemented using scripting language. This is different compared to the more widely known file-based cryptocurrency mining approach which involves downloading and running a dedicated executable file.

The website injected service generally allows itself to mine the crypto-currency Monero without the consent of users while users had the website opened in a browser tab. This illicit nature highlights the problem of not only unregulated cryptocurrencies but cryptocurrency mining as well.

Browser-based mining dates back to May of 2011 when an innovative service called BitcoinPlus.com was initially launched—back then Bitcoin was cheap and mining was relatively easy. That service was in many ways remarkably similar to its modern reincarnation, Coinhive. It used JavaScript for pooled mining and website owners could sign up to the service and embed these scripts into their web pages to make page visitors mine for them. The big difference is that back in 2011 BitcoinPlus.com, as its name suggests, mined for Bitcoin (BTC) whereas the current browser-based miners like Coinhive are mining for Monero (XMR)—a newer, privacy-focused cryptocurrency. Back in 2011, before the advent of ASIC mining in 2013, Bitcoin was still in its infancy, mining difficulty was relatively low, and cryptocurrency prices were even lower. It was (just about) possible to do some mining with home-grade hardware.

Worse case scenario is that lesser known websites, such as user forums etc. are rapidly choosing this method to increase their revenue as site advertising doesn't seem to produce enough revenue.

Due to the fact that the code is executed on the user's browsers without the consent of the user, the user literally have no control over the execution of the code. The impacts are not limited to the browsers, but it affects the whole machine as, many users today visit sites not only on their desktops, but whilst on the move on their phones, tablets and laptops, which generally means faster draining of their battery power as the CPU of their appliance is consuming power nearly at 100% rate (causing the systems and devices to produce more heat, which means more power consumption !!)

As the code is executed on the user's browser, the problem is OS independent and it affects all systems (yes, Linux, you are no exception).

SYMPTOMS:

Frankly, when I first ran into the problem, I realized that my CPU fan was working at fullspeed, whilst hot air was being exhausted out from the vents. At first glance I found it quite odd that a website was causing my CPU to work like crazy as first reaction is, it cannot be possible. But of course it can. When I looked at what is heating my proudly owned Linux-top I realized something odd:





In my next post I will explain about the solutions for the problem. 

References:
https://www.symantec.com/blogs/threat-intelligence/browser-mining-cryptocurrency

http://www.thewindowsclub.com/block-websites-using-cpu-mine-cryptocurrency
https://thenextweb.com/apps/2017/09/19/cpu-cryptocurrency-miner-blocker/