Introduction: This blog post is about CoinHive. I will describe how it affects websites, how websites get infected, and how to prevent it or get rid of it.
You might ask yourself how many websites are affected, for example, in the Czech Republic. Unfortunately, there are about 4 000 websites infected with CoinHive. Many websites worldwide are affected by this malware, and some website owners are not even aware that their website already contains it. A general lack of security can allow this malware to be installed on your website’s host server without you noticing it in time.
Different types of websites are targeted, but mainly those with weaker security and a sizeable audience. For example, even photography sites are targeted for this reason. Once a visitor connects to an infected website, the site loads a malicious mining tool onto the visitor’s computer, which allows the attacker to mine on viewers’ computers. With this method the attacker group mines a cryptocurrency and could be making a lot of money using the viewers’ hardware. Websites are not targeted randomly. An attacker searches for a weak web server (meaning one with weak security), and once such a website is located, he hacks the server and injects the malicious mining script into the website’s files. It’s not only websites that are targeted: similar malicious mining systems were also detected in thousands of mobile applications, mainly on Android.
Attacker groups use this process to make money illegally and anonymously. The CoinHive system uses currencies such as Monero, which are untraceable and used for anonymous transactions. CoinHive obtains cryptocurrency for free by using other people’s hardware (their computers) to mine through their browser without their permission. CoinHive is used by hackers who breach the security of known or legitimate websites and plant hijacked cryptocurrency mining scripts on them. This malware will then slow down your desktop or laptop, because it will be using the full 100% of the processing power of the graphics card and the central processing unit. Over time this will shorten the lifespan of your device.
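For site owners who want to check whether the kind of file injection described above has happened to them, here is an added example (not code from this blog or from CoinHive) that walks a web root and flags lines containing well-known CoinHive loader markers. The indicator list, the file extensions and the sample snippets are assumptions chosen for illustration.

```python
import re
from pathlib import Path

# Well-known CoinHive loader markers (assumed list; extend it for other miners).
INDICATORS = {
    "loader script": re.compile(r"coinhive\.min\.js", re.I),
    "miner constructor": re.compile(r"\bCoinHive\.(?:Anonymous|User)\s*\(", re.I),
    "service domain": re.compile(r"\b(?:coinhive|coin-hive)\.com\b", re.I),
}
# File types an attacker would typically modify on a compromised web server.
WEB_EXTENSIONS = {".html", ".htm", ".php", ".js", ".tpl"}


def scan_text(text):
    """Return (line_number, indicator_name, trimmed_line) for every hit."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in INDICATORS.items():
            if pattern.search(line):
                hits.append((lineno, name, line.strip()[:120]))
    return hits


def scan_webroot(root):
    """Walk a web root and map each suspicious file path to its hits."""
    findings = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in WEB_EXTENSIONS:
            hits = scan_text(path.read_text(errors="replace"))
            if hits:
                findings[str(path)] = hits
    return findings


# Constructed sample: a page footer with an injected miner (placeholder site key).
SAMPLE_INFECTED = """<footer>Gallery 2017</footer>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER'); m.start();</script>
"""
SAMPLE_CLEAN = "<footer>Gallery 2017</footer>\n<script src='/js/gallery.js'></script>\n"

if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for file, hits in scan_webroot(root).items():
        for lineno, name, line in hits:
            print(f"{file}:{lineno}: {name}: {line}")
```

A plain-text match like this will miss an injection that has been obfuscated or is loaded from a different domain, so compare flagged and unflagged files against a known-good backup or version control as well.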