With the price of cryptocurrencies reaching new highs in 2017, the incentive for nefarious actors to devise innovative methods of acquiring them is also rising. One such technique uses a program known as CoinHive to secretly mine digital currencies on the machines of unsuspecting users. According to a post on Bleeping Computer, Archive Poster, a Google Chrome extension that streamlines the reblogging process for Tumblr users, is the latest software to be compromised in this way.
IBTimes reports that as many as 105,000 users of the software have been found to be mining the privacy-focused digital currency Monero without their knowledge. It’s believed that this particular coin was chosen because of the anonymity features embedded within its code, and because regular computers possess sufficient processing power to solve the algorithms required to generate additional coins for those behind the attack.
Many users of Archive Poster have taken to the Google Chrome Web Store, lambasting the software with a series of bad reviews. One user wrote:
“Do not use this extension as it comes loaded with a cryptocurrency mining script. Once installed it makes requests to coinhive which eats up your CPU time and slows your computer down massively. Avoid.”
The developers behind the software, Essence Labs, believe that their program was hacked by someone who had targeted an ex-employee. A representative of the company spoke to PCMag:
“An old team member who was responsible for updating the extension had his Google account compromised… Somehow the extension was hijacked to another Google account. In the meantime we have alerted the users to use a safe version of the extension on a different link.”
This isn’t the first example of covert mining software targeting unsuspecting internet users. In recent months The Pirate Bay, Showtime, Starbucks, and even the UFC’s websites have all been reported to be running CoinHive software to mine cryptocurrency without their visitors’ consent.
Programs like CoinHive were intended to provide a way of monetising internet content. When used with express consent, they offer an opportunity for publishers to provide their services without relying on oppressive levels of advertising. However, examples like those listed above show how easy they make it to infect users’ machines without their knowledge. Without consent from the owner of the machine, schemes such as the Archive Poster hack are morally suspect. Since they use large percentages of the target machines’ processing power, users might attribute the slowdowns they’ll inevitably experience to some other fault with their machine. This can understandably cause great frustration for computer users who are less experienced with diagnosing system faults.