MinerBlock is a browser extension which alters the content of a webpage in an attempt to prevent a handful of crypto miners from running.

To function MinerBlock must be installed and left running in the browser while a user surfs and it must be trusted even though extensions can get you hacked.

And if that sounds like fear mongering, I assure you it’s not. The barrier to getting on the Chrome Store is approximately $5 USD and a good faith agreement with a company that covered up a massive data breach just late last year.

MinerBlock works by watching your surfing behavior and attempts to prevent external requests using a filters.txt file in addition to content sniffing.

Given the blacklist approach is untenable I won’t discuss it any further here. But I would like to touch on MinerBlock’s content sniffing and how to stop it.

Why stop a Mining blocker? Privacy: The more we can rely on web miners to monetize the web the less we’ll have to rely on ad tech and user tracking for original content. Security: A hacked MinerBlock extension may lead to mass surveillance. And if Google cannot prevent security software extensions like MEGA being hacked there’s nothing stopping MinerBlock, or any extension for that matter, from stealing your data and selling it to the highest bidder. But aren't all miners "cryptojacking"? No, that's a media buzzword designed to elicit fear, uncertainty and doubt. Miners are new technology and the fear of the unknown is likely to stir controversy just as Bitcoin itself did.

Now where were we? Oh yes…

MinerBlock injects a script tag into the page which it relies on to sniff the DOM for well-known cryptocurrency miners such as:

CoinHive-like miners

Mineralt miners

Webminerpool miners like Toxic Swamp

Here’s a more detailed look at exactly how this is accomplished:

Given an extension of this kind could cause problems if it did not correctly identify, and attempt to gracefully shut down, miners a simple approach to stop it is to monkey patch the names of the stop methods of each miner sniffed.

A change in the stop method name of any of the three miners changes its identifiable signature. As a result, not only will MinerBlock no longer be able to stop expected mining behavior it – and tools like it – will no longer be able to detect and potentially blacklist the miners either.

Here’s how MinerBlock sniffs for miner stop methods in version 1.2.16:

typeof this [ name ]. stop === 'function' // Check CoinHive like miners typeof this [ name ]. stop === 'function' // Check Mineralt miners typeof this [ name ]. stopMining === 'function' // Check Webminerpool miners

And here’s a simple technique you can adapt to monkey patch your code:

fetchInject ([ '/js/webminer.min.js' ]). then (() => { window . stopMinerBlock = window . stopMining ; window . stopMining = null ; // ... later ... window . stopMining = window . stopMinerBlock ; window . startMining (); // calls stopMining() as a safety check window . stopMining = null ; });

The above leverages Fetch Injection to modify the the miner API surface the instant the miner is added to the page using promises from ES2015/ES6.

Therefore, unless MinerBlock uses a DOM MutationObserver, it won’t be fast enough to detect the miner with its current setTimeout approach.

Of course you could get fancy and wrap up the public miner API in a closure, or even modify the miner source itself, but what would be the fun in that?

Profit: Interested in monetizing your content with Web mining? Check out the Interested in monetizing your content with Web mining? Check out the Toxic Swamp add-on module for the After Dark website design system for Hugo.

MinerBlock out!