This past weekend, hackers compromised a popular accessibility plugin called Browsealoud in order to turn users into unwitting cryptocurrency miners. It was a bold scheme, and even affected a number of US and UK government sites, but not a particularly successful one — it was stopped swiftly, and the total take, according to Coinhive, the service for mining cryptocurrency in a web browser that the hackers used, was the equivalent of just $24.
Using website visitors’ spare processing power to mine cryptocurrency isn’t only of interest to hackers. Online advertising revenue at many websites is dwindling, especially in the era of ad blockers, so even legitimate publishers have started to experiment with mining as a revenue stream.
Take Salon, an online magazine that has struggled to maintain relevance — and, in lieu of readership, income — during recent years. Yesterday, Salon readers noticed an unfamiliar message offering them the opportunity to block ads in exchange for letting the site “use your unused computing power.” A FAQ on the site explains that the spare processing juice would be used to mine cryptocurrency, though it does so in strikingly roundabout language: “For our beta program, we’ll start by applying your processing power to help support the evolution and growth of blockchain technology and cryptocurrencies.”
It turns out that Salon is also using Coinhive, the same service as the hackers, which has grown so widespread that security company Malwarebytes reported last year that it had become one of the main services its anti-malware software blocks. Coinhive didn’t reply to a request for comment.
Though Salon’s mining program is opt-in, unlike the hackers’, mining cryptocurrency will likely result in a less pleasant browsing experience. Salon’s own FAQ admits that the processing-hungry service is likely to fire up a computer’s fans to dissipate extra heat, like a demanding video game. According to Malwarebytes, it’s even possible that the software will damage older hardware.
For the most part, using browsers to mine cryptocurrency has remained the purview of criminals, scammers and other grey-market players. Last year, the popular torrent site Pirate Bay also started using Coinhive to earn extra income, and Showtime was caught doing the same thing with its site in September.
When Reddit banned Deepfakes, a forum where people were using deep learning software to insert the likenesses of celebrities into pornographic films, the Deepfakes community fractured and spread across the internet. One place where it landed was Deepfakes.cc, a new message board where people could post the doctored clips — but it soon emerged that the site was covertly using Coinhive to monetize the influx of traffic.
Update 02/14/2018 9:08AM: Kaspersky Lab security researchers said in a statement Tuesday evening that a vulnerability in the desktop version of secure messaging app Telegram allows for tacit cryptomining, and that it has been exploited since March 2017 to mine currencies including Monero (the same one that Coinhive mines).