Beware of Cryptocurrency Miner Scripts that Hijack Your Browser

Beware of Cryptocurrency Miner Scripts that Hijack Your Browser Featured Image

The vast majority of websites use affiliate links or advertisements through a third party (or through their proprietary system) to make revenue. It can be a little bit annoying, but some websites have reached a point where they are trying to “mix” these ads in with their content in such a way that they won’t be such an eyesore to visitors. Others have taken to writing scripts that use their visitors’ computers without their consent to “mine” cryptocurrencies so that they can turn a profit. This has become such a problem that it is beginning to capture the attention of browser developers.

How Mining Scripts Work

miningscript-thepiratebay

The best example of mining script usage comes from the time when The Pirate Bay – a popular destination for software and media piracy – has been caught with a script that mined Monero from visitors’ computers.

Many users found themselves unknowingly giving the site the revenue it needs to keep running (and then some) by using their computer power to mine a cryptocurrency. The owners of the website did this to avoid displaying ads.

Mining scripts like these work because they execute on the client side. While scripting languages like PHP usually use the server’s resources to send data to the client on how they should display a particular page, languages like JavaScript rely almost entirely on the resources of the visitor, delegating some of the tasks of presenting page elements to the browser that visits the site.

For example, one could write a script in JavaScript that asks the browser to get an ad from a third-party provider, much like how Google AdSense works. In the case of mining scripts, the code asks the browser to donate its computing power to mine a cryptocurrency. And the browser abides this request, not knowing any better.

How to Tell If You’re Being Hijacked

The simplest way to detect this kind of script running on a page is to look through your tasks and see if anything is consuming an unusual amount of CPU power. If your CPU usage hits 100% on one core while you’re just visiting a text-based page (and you see that one of your browser tasks is the culprit), then you’re probably being hijacked.

To stop the hijack in its tracks, just close the tab you think is eating up all of your resources. If you’re using a browser that executes multiple tasks in your task manager (or processes in your system monitor for those of us who use Linux), then you can just close the culprit task and it will kill the tab for you.

What Are Browser Developers Doing About This?

miningscript-security

I don’t know if the folks at Mozilla or any other browser developers have looked at this yet, but it is likely since Google engineers at the Chromium project are beginning to show awareness about the issue. Ojan Vafai, one of the engineers, has responded to an earlier bug report on 19 October 2017 and proposed some solutions to the problem, including an idea that involves automatically throttling tabs using the CPU heavily.

This doesn’t necessarily mean that a solution is coming overnight, but since engineers are already aware of the issue, we can be sure they’re working on protecting the browser’s users as soon as they build a consensus on what to do about mining scripts.

Since browsers usually follow each other’s leads, it’s likely that other solutions will be brought to the fray as time passes.

What do you think browser developers should do to combat mining scripts? Do you consider them a valid alternative to advertising (if they don’t hog all of your CPU power)? Tell us all of your thoughts in a comment!

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Miguel Leiva-Gomez Avatar

Read next

Suzanne Simard sealed paper birch and Douglas fir seedlings inside plastic bags, fed them carbon-14 and carbon-13 dioxide, and nine days later found carbon had crossed between species through fungal threads in the British Columbia soil beneath her boots
A species of jellyfish called Turritopsis dohrnii can revert its adult cells back to a juvenile polyp stage when injured or starving, effectively restarting its life cycle, and biologists have so far failed to identify any natural limit to how many times it can do this.
A Japanese man named Jiroemon Kimura, who lived to 116, was born in 1897 when Queen Victoria still ruled and died in 2013, meaning a single human life personally overlapped with the invention of the airplane, the atomic bomb, the internet, and Instagram
The Hollywood sign originally read HOLLYWOODLAND when it was built in 1923 as a real estate advertisement for a housing development, and it was only meant to stand for 18 months, but nobody ever got around to taking it down and the city eventually adopted it as a landmark
Almost all of the world’s internet traffic does not travel by satellite but through fibre-optic cables lying on the ocean floor, a hidden web of wires crossing the deepest parts of the sea to connect the continents.
People who flip their phone face down on every table aren’t being secretive. They figured out that staying interruptible meant handing their time to whoever rang first
Twitch vs. Facebook Gaming vs. YouTube Gaming: What’s the Best Live Game Streaming Platform?
Chrome Extensions Ownership Transfer is a Direct Threat to You: How to Stay Safe