The Ethics Of Cryptojacking: Rampant Malware Or Ad-Free Internet?

Cryptojacking, the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s permission or knowledge, has recently gained more traction in the crypto sphere as browser-based crypto mining has once again become possible and profitable.

As Bitcoin (BTC) has become more and more popular worldwide since its inception in 2009, it has become harder and harder to mine for cryptocurrencies on a personal computer, given the increasingly high amount of energy needed to make a profit. More efficient mining hardware like ASIC chips slowly became the norm, ending the era when one person sitting at home with a PC could make money mining Bitcoin.

However, with the introduction of altcoins like Monero, first released in 2014, which are naturally resistant to ASIC mining — due to the large amount of storage they require that ASIC cards cannot provide — the figure of the lone crypto miner has returned via browser-based mining.

Browser-based cryptojacking, however, is not necessarily accomplished by a single hacker taking over your computer to use its processing power to mine crypto. Today there are entire dedicated businesses and services that allow cryptojacking to take place on a mass, global scale.

Coinhive – the crypto miner of choice

A recently published academic study from Concordia University on the history of cryptojacking found that the JavaScript browser mining program Coinhive is currently the most commonly used script for Monero mining, and thus cryptojacking in general.

Coinhive works by providing an Application Programming Interface (API) to developers, which lets the developer use a website visitor’s CPU resources to mine Monero. Coinhive markets itself to web-based companies as a replacement for online ads, proclaiming unabashedly on its website’s main page: “Monetize Your Business With Your Users' CPU Power”.

This “rejuvenation of browser-based mining” has taken many forms, from cryptojacking attempts by malicious players to relatively benign cable companies trying to use it as an alternative form of monetization, instead of showing users online ads.

Malicious cryptojacking cases

Cryptojacking malware has been placed on a variety of websites around the world — as Cointelegraph reported in late January, more than 55 percent of businesses worldwide have been affected by the practice.

According to a Microsoft blog post from March 13, an average of 644,000 computers were infected with crypto mining malware during the period from September 2017 to January 2018. The blog notes that cryptojacking can come in many forms, like video streaming sites constructed with the sole goal of cryptojacking, or tech support scam websites that are actually crypto miners.

It was discovered in January 2018 that YouTube had been the target of cryptojacking attacks, when anonymous hackers placed cryptojacking scripts into ads that played on the platform. According to reports on the cryptojacking hack, YouTube users in Japan, France, Taiwan, Italy, and Spain were the most affected.

More recently, Tesla’s Amazon Web Services software container was cryptojacked due to a lack of password protection. A similar case of cryptojacking took place in October 2017 at the Amazon Web Services of the companies Aviva and Gemalto.

Earlier this month, Microsoft reported that it had blocked more than 400,000 cryptojacking attempts in a span of 12 hours. The attackers used the NiceHash crypto cloud mining marketplace, which supports a variety of currencies, although the Microsoft report found that the attempts were to mine the altcoin Electroneum.

On a larger scale, a study published by the University of Toronto in March found that Telecom Egypt, a government entity, has been linked to using middleboxes to surreptitiously direct Egyptian Internet users to cryptocurrency mining sites, specifically mentioning the service Coinhive.

Can cryptojacking be non-malicious?

The Coinhive mining script has shown up in several cryptojacking incidents that were arguably not as malicious as those detailed above.

In September of last year, it was discovered that the illegal piracy site,