Cryptocurrency mining in the browser
The option to transfer the burden and cost of mining cryptocurrency on to end users through mining software has long been available. But the latest iteration of this approach does not require malware to be installed on users’ machines.
It is supposed to be an alternative way for site owners to earn money, instead of doing it by showing intrusive ads. It’s meant to be a win for everybody – Web site owners, visitors, and the Coinhive team – as the mining was not supposed to be kept secret from the users.
Every technology can be used for good and bad
The latest incident involved several Web sites of CBS’s subsidiary Showtime. According to The Register, Showtime.com and ShowtimeAnytime.com were equipped with the mining code and, for a couple of days, consumed as much as 60 percent of visitors’ CPU capacity.
The script was removed on Monday, but the question of who put it there remains. Showtime is still not commenting the incident and New Relic, a web analytics company within whose HTML comment tags the script was nestled, says they had nothing to do with the code.
“Upon reviewing our products and code, the HTML comments shown in the screenshot that are referencing newrelic were not injected by New Relic’s agents. It appears they were added to the website by its developers,” the company spokesperson said.
The Coinhive team did not reveal details about the owner of the account associated with that particular mining code, but confirmed that the email address associated with it is not an official CBS address.
If you’re computer has slowed down, and you suspect a miner to be the reason why, you can use Task Manager (on Windows) and Activity Monitor (on Mac) to check whether CPU usage is abnormally high and, if it is, to pinpoint the cause.
As for Coinhive?