SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image

The Coinhive cryptocurrency miner - more trouble than it's worth?

Mon, 16th Oct 2017
FYI, this story is more than a year old

Cryptocurrency miners that hide amongst websites have been the subject of discussion for many in the security world lately, but are they causing more damage than they are worth?

Legitimate website owners embedded Coinhive JavaScript code in their website, which used visitors' CPUs to mine the Monero cryptocurrency and delivered the payment direct to the site owner's wallet.

However, it wasn't long until cybercriminals from The Pirate Bay hijacked the trend, according to Anat Davidi and Simon Kenin from Trustwave's SpiderLabs blog.

"Unfortunately a typo in their code caused the miner to use up all available CPU cores, causing CPU usage for many users visiting the site to go up to 99%. Whether or not you believe it was a typo, this is will be an interesting data point for later on," Davidi and Kenin say.

This spurred a debate about whether cryptocurrency miners are worthwhile. Trustwave has now blocked the Coinhive miner because the company believes the end users are victims that receive no benefits.

Because Coinhive uses visitors' CPUs to mine cryptocurrencies, and because site owners can modify site settings, in some cases the mining process can use 100% of all CPU power through a visitor's browser.

While cryptocurrency mining can add to site owners' revenue as an alternative to traditional ads, Trustwave says it is not a 'better' alternative.

"30% of the mined currency goes to Coinhive themselves, the other 70% go to the site owner. The power company gets what the user pays for the mining process and the user themselves? Well, hopefully they get an internet browsing experience with no ads.?" The researchers ask.

The company conducted an experiment that measured additional side effects to higher CPU usage, including heat and noise generation; and higher power bills.

The study gained a baseline measurement of one machine's power usage and then compared that to the usage when the same machine was running Coinhive.

The machine generated 1.212kWh over 24 hours, which when put into context of regional power prices, can add as much as $14 per month to a power bill, assuming the miner runs all the time.

In Singapore, the tariff is 15 cents per kWh which adds US$5.45 per month to the bill.

In Germany the prices is 34 cents, or roughly US$12.30 a month.

In Australia, the price is between 34 and 47 cents depending on where you live, so about $9.80 to US$13.80 added to your monthly electricity bill.

"Additional factors such as overall consumption and times of day sometimes also affect these prices depending on where you live," Davidi states.

He says that although it may seem extreme to imagine that a miner would run 24/7 on a machine, many corporate users may not turn off their computer at the end of a day.

The researchers continue to look at how cybercriminals leverage Coinhive. They are able to exploit servers (and visitors) to mine cryptocurrency directly into their wallet.

Because it is unclear who is behind the actual Coinhive code, it remains a dangerous platform.

"Somewhere between malicious use, irresponsible use, and Coinhive's implementation, it seems that end-users always come out on the losing end of this deal and especially on a corporate level, (the core of Trustwave SWG's users) we felt it was in the best interest of our customers to block this behaviour," Davidi and Kenin conclude.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X