- Outsourcing News
- Outsourcing Press-Releases
- Outsourcing Events
- Outsourcing Analytics
Security researchers are concerned about the rise of cryptocurrency miners that are being embedded into websites and apps to use a device’s resources without gaining permission.
Security firm Trend Micro discovered three Android apps on Google Play with two different miners.
Google removed the apps after being alerted to their hidden mining capabilities.
Trend Micro researchers say while using mobile devices probably returns insignificant earnings for the attackers, the malware still degrades the device’s performance, causes wear and tear, and reduces its battery life.
Coinhive offers its mining service as an alternative to monetizing a website through ads. However, Trend Micro, Malwarebytes, Sucuri, and other security firms have found a recent surge in attackers adding Coinhive miner to compromise websites to borrow CPU power from PCs. Some sites were also keeping ads while silently running the miner rather than replacing ads.
It’s the same miner that was founded embedded on The Pirate Bay, but the piracy site’s developers were intentionally testing whether mining Monero could replace ads, which are often blocked by ad-blockers.
The key problem, and reason Malwarebytes recently decided to block script running from Coinhive.com, was that Coinhive allowed site owners to use it without first asking the visitor’s permission.
As Sucuri notes, Coinhive responded to the antivirus blocks by releasing a new version of the miner that runs scripts from the domain AuthedMine.com, which only allows a site to use a visitor’s CPU after the user opts in. The site shows an example of what the opt-in UI looks like.
However, Coinhive still supports the older version with no opt-in user interface. And as BleepingComputer noted recently, there are now several Coinhive clones, including WordPress ‘Coin Hive’ plugins, and none of them asks for permission.