Header Ads

Is Browser based Cryptocurrency Mining good or bad?

Mining has always been a tedious affair, so much so that mere mention of the word conjures up images of someone swing a pick-axe into rough stones. Cryptocurrency mining is no different, with the bitcoin network needing application-specific integrated circuit (ASIC) chips solving complex computational problems to birth new coins. As if this is not enough the difficulty of mining is adjusted to ensure that one block is produced every 10 minutes. ASICs are power hungry, make a lot of noise and need a ton of electricity. The result of all these factors is that the Bitcoin network is consuming power at an annual rate of 32TWh and each Bitcoin transaction consumes 250kWh, enough to power homes for nine days.

Enter stage, Monero. This cryptocurrency was designed to be resistant to ASIC mining, but can be mined efficiently on consumer grade CPUs and GPUs. This means anyone can mine monero with average hardware running the monero client software. This egalitarian mining process has led to other third party implementations such as using monero on android and a web wallet which allows users using a browser to interact with the network from a third party website.  An example of one of such third party implementation is by a company called Coinhive.  Coinhive provides a service in which you can mine monero directly within a web browser using a simple JavaScript library (Crypto-browser mining). The Coinhive API was readily adopted by bloggers and other online platforms as a means of generating revenue instead of serving up ads.

The advantages of web based mining can readily be seen, lower overall power consumption and an alternative source of revenue for online platform owners. But the implementation has also seen a lot of abuse. For instance, a lot of online platform owners integrated the Coinhive API into their sites without notifying their users or visitors. The popular torrent site The Pirate Bay was seen to have implemented Coinhive’s API thereby turning its visitors to cryptocurrency miners without their knowledge. Browser based mining also has the unintended consequences of making both PCs and phones, slow and warm especially when they are not well ventilated. In extreme cases of throttling with prolonged usage it can max out your device and lead to eventual hardware failure. Coinhive had intended that their API would be used with some form of notification to users visiting sites where it was implemented, but sadly this was not the case. Another unintended consequence of implementing browser based mining was that hackers were quick to jump on it and exploit it for their nefarious activities. Almost overnight, Sites were being hacked and injected with mining code, and this was being done unbeknownst to both end users and site owners.

A compromised site that has been injected with the Coinhive script.

Images courtesy of Malwarebytes

Popular anti-malware company Malwarebytes said that since they started blocking Coinhive domains they have been registering an average of 8 million blocks per day. While the jury is still out on browser based mining, it is imperative that you protect yourself from abusive implementations of this new technology. Make sure your anti-malware is equipped to block browser based crypto miners or you can install an ad blocker that specifically targets browser based miners. Taking these steps will ensure you have a safer surfing experience. 

No comments

Powered by Blogger.