500 Million Users Targeted in Monero Browser Mining

“Monetize Your Business With Your Users’ CPU Power” – That’s the elevator pitch for Coinhive, a service that allows webmasters to mine Monero through the web browser’s of its visitors.

What is Monero?

On the surface, this could seem innocent enough. Webmasters need to pay for their websites, and advertising isn’t always profitable. By using a small percentage of their visitors CPUs, they can generate monero as a revenue stream. Hackers have, however, been targeting websites and secretly installing the software onto them.

Before we get into Coinhive, we need to understand what Monero is. If you are already familiar with Monero, you can skip ahead to the next section.

Monero is a cryptocurrency that has an emphasis on privacy. Unlike bitcoin, monero transactions are nearly impossible to trace. The currency is mined exclusively with CPU-powered Proof of Work (PoW).

This mining technique means that almost any computer can dig generate the currency. The advantage of CPU-powered PoW is that it also prevents industrial scale mining and centralization to occur and instead encourages decentralization.

In recent months, the value of monero has seen a sharp increase in line with other popular cryptocurrencies. At press, one unit of monero, or XMR, is valued at $175.

Coinhive Enters the Public Eye

Earlier this year, Coinhive made a splash after being discovered on popular BitTorrent site, The Pirate Bay. Users noticed that when they had the page open, their CPU usage was spiking.

The Pirate Bay claimed that this was just an experiment and that they had accidentally set the CPU use threshold too high. A month later after being removed, the mining script appeared again and is still there to this day.

While this usage of Coinhive was intentional, the software started to appear on an odd array of well-known sites. One of which was PolitiFact, a fact-checking website for promises and claims made by politicians. An anonymous user seemed to have fraudulently installed the Coinhive software, and the company quickly removed it.

500 Million Users Targeted

According to AdGuard, as many as 500 million users have thus far been targeted with the surreptitious mining of Monero. The AdGuard piece suggested that even though stealth mining is widespread, it is not particularly profitable.

The 500 million users refer to the 220 sites out of the top 100,000 web pages that have some form of CPU mining installed. If the value of XMR continues to climb, however, it is possible that this sort of browser mining could become more profitable than traditional ads. Independent security researcher Troy Mursch reckons that Coinhive could be making anywhere between $3.7 million and $5 million annually, even after accounting for the 30 percent cut they receive, based on figures from the webminer’s own website.

From here we can see the creation of an altogether novel market. As more and more web users are increasingly using ad blockers, web browser mining may become an essential part of web browsing in the future.

The Future of Browser Mining

Coinhive itself has recommended that all websites that use its technology should put a visible notice on their pages indicating that mining is happening. What’s unclear is whether or not webmasters will comply with this suggestion or not.

For those who do not want to have mining software running in the background and without their knowledge, several anti-mining plugins have been developed that can be used today. Some examples include AntiMiner, NoCoin, and MinerBlock.

As cryptocurrency adoption grows, we are likely to see more and more stealth mining across the board. Some will be legitimate and in the open, and some will be the work of hackers.