The volume of cryptomining transactions has been steadily growing since Coinhive came out with its browser-based cryptomining service in September 2017.
Some websites have embraced the option and are giving their visitors the choice between viewing ads or sharing their CPU power to mine cryptocoins. Unfortunately malicious, covert hijackings of computer power are much more common, as the mining code can be secretly injected into compromised legitimate sites or even ads that are being served by third party ad networks.
Everybody’s a target, including enterprises
“Enterprise networks are being impacted in various ways. Unwanted and unidentified mining activity inside networks causes increased wear and tear on corporate hardware, as the mining increases CPU cycles. Mining activity also hogs corporate network bandwidth and causes performance issues,” Zscaler researchers pointed out.
The 2.5 billion web-based coin-mining attempts in the Zscaler cloud they’ve detected since October 2017 reveals the following picture:
Coinhive is by far the most active cryptominer service, followed by Crypto-Loot, CryptoNoter, Minr, DeepMiner, and several others.
Cryptomining has increased among the top 100,000 sites (as ranked by Alexa), and nudity/pornography, streaming and corporate sites are the most popular targets for cryptominers.
“The average browsing time for users on video streaming sites tends to be higher allowing miners to maximize their activity as users stay on these sites to view movies or play games,” the researchers explained.
“Note that the professional services and marketing category sites ranked high as well, demonstrating the prevelance of mining activity on corporate networks.”
The US is the county with the greatest number of cryptomining users and in the hosting of servers that are involved in mining activity. In the first category it is followed by Switzerland, Brazil, India and Spain; in the latter by Germany, Russia, Romania and Bulgaria.
While increased power use and hardware erosion are effects that both enterprises and consumers will suffer die to cryptomining, enterprises also risk running foul of regulations.
“Corporations that unknowingly have cryptomining activities taking place on their networks may be at risk of compliance violations in that there is unidentified action taking place on company systems,” the researchers pointed out.