Categories: CryptoNews

Research Confirms Cryptojacking Remains Very Popular Among Criminals

It has been a while since cryptojacking made media headlines. This nefarious activity allows criminals to exploit website visitors’ computing resources to mine cryptocurrencies without consent. A new report by Troy Mursch suggests Coinhive’s code is active on close to 400 websites. In most cases, this code was injected by criminals, rather than by the site owners.

Cryptojacking Remains a big Problem

Anyone who has paid attention to developments in the cryptocurrency industry this past year will have come across the term cryptojacking. Originally referred to as “in-browser mining”, the concept has quickly become a favorite tool among criminals. By injecting mining code into popular websites, criminals can passively earn cryptocurrency revenue by hijacking the computing resources of anyone visiting the infected website.

While there are legitimate use cases for this activity, they are apparently dwarfed by malicious projects. Researcher Troy Mursch recently unveiled a new report documenting the cryptojacking trend. It paints a very troublesome picture, as the Coinhive in-browser mining code is used on almost 400 major websites without user consent. This list includes the San Diego Zoo, Lenovo, and quite a few other popular sites. Unsurprisingly, it also includes websites related to the US government.

Although these findings do not come as a real surprise, they point to a big problem which will need to be addressed. Since so many sites host the Coinhive mining script without even knowing it, they all seemingly suffer from lackluster website security in general. It takes a bit of effort for criminals to exploit existing websites and inject code to mine cryptocurrencies specifically. Why these particular sites were vulnerable in the first place remains unknown.

Related Post

The report described an attack using an outdated version of Drupal as follows:

Digging a little deeper into the cryptojacking campaign, I found in both cases that Coinhive was injected via the same method. The malicious code was contained in the “/misc/jquery.once.js?v=1.2” JavaScript library. Soon thereafter, I was notified of additional compromised sites using a different payload. However, all the infected sites pointed to the same domain using the same Coinhive site key.

As one would expect, a lot of the vulnerable websites are hosted by the same provider – Amazon – and they are located in the US. This suggests that Amazon’s users do not necessarily update all of the software running on those servers manually, which opens the door for criminals to take advantage of these issues.

For those who are unaware, the Coinhive mining script is used to mine the Monero cryptocurrency. Due to this currency’s anonymity, it is quickly gaining traction among people who don’t want their transactions to be tracked on a blockchain. It is unclear how much XMR has been generated through these cryptojacking efforts, but rest assured a fair amount of money is being generated from these sites.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Is Plus Wallet Set to Rule Crypto Security? NGRAVE ZERO Teams Up with MetaMask & Ethereum’s Mekong Testnet Launches

As cryptocurrencies become increasingly integral to financial strategies, individuals are seeking more secure and profitable…

4 hours ago

This Top Altcoin Surpasses Shiba Inu, Dogecoin, PEPE, and Bonk in the 2024 Bull Run

With the bull running in the crypto market, several cryptocurrencies are showing strong potential for…

4 hours ago

2024’s Premier Crypto Hot Wallets: A Comprehensive Guide

For newcomers and veterans alike in the digital currency arena, securing a robust and user-friendly…

4 hours ago

Top Cryptos to Watch in Q4: BlockDAG, Solana, TRON DAO, and Ripple Set the Stage for Future Gains

For those adept at deciphering market trends, pinpointing the next leading cryptocurrency is certainly achievable.…

5 hours ago

Best Crypto Presale to Buy Now in Mid November! This Coin Is Set to Dominate the Next Bull Run

Are you searching for the best crypto presale opportunities to maximize gains during the next…

9 hours ago

Investors Ditch AVAX and Cardano (ADA) as Interest Peaks for New Crypto Presale Seeing Record Volume

All-time highs have been rolling in all summer for the hugely promising Web3 casino Rollblock…

9 hours ago