Your computer may be harvesting cryptocurrencies without your permission thanks to a large number of popular websites reportedly being infected with malware that uses visitor’s computers to mine cryptocurrencies.
According to a BBC report, a scan of some of the most popular websites on the web found hundreds to be harbouring malicious mining code.
Mining cryptocurrencies require a lot of computational power; rather than having one central computer that monitors the spending of cryptocurrencies, they depend on a large number of computers doing the complex calculations to establish the spending path of the currency.
For the average ‘miner’, an investment in a computer with a greater number of GPUs will pay dividends as performing the computation will reward them with an amount of the currency in exchange for the use of their computer.
Outsourcing the heavy lifting
For some though, it makes sense to outsource the heavy lifting to other computers. This is where mining software comes in. There are perfectly legitimate pieces of software out there like one created by company Coinhive, that companies can install into their websites that outsources the computational requirements to the computer of those visiting the site.
If users are informed that this is happening, it could potentially stand to be a new alternate revenue stream for websites, possibly replacing or supplementing adverts. The problem lies in if users aren’t told.
In recent times, there have been stories about The Pirate Bay and Showtimeusers reporting higher-than-usual GPU usage from their computers, and it turning out to be mining software running on the sites.
While this may seem like an obvious thing for websites to keep their users informed about, it gets more complicated when websites don’t know that they are running the software. Because of the slightly shady nature of The Pirate Bay, it’s easy to assume that it knew the software was running, but Showtime could have potentially been hacked.
When the BBC contacted the UK based websites that it found were running the mining script, many responded that they did not know who had added it to the site.
When Coinhive was asked about surreptitious use of its code, it responded: “We had a few early users that implemented the script on sites they previously hacked, without the site owner’s knowledge,” it said in a message to the BBC. “We have banned several of these accounts and will continue to do so when we learn about such cases.”
If you think that your computer may be affected by one of these mining scripts, a quick fix is to use an ad-blocker, but if you want more robust security for your computer, make sure you have a good antivirus package.