Tutorials

Are your favorite websites mining cryptocurrencies using your device? Find out!

Published

on

.

Last modified

on

Crypto Heroes how to find out if websites you use are mining bitcoin HEADER

Cryptocurrency mining was all the rage back in 2011. You could get as much as 50 Bitcoins at a go if you managed to claim the block reward and solved the complicated hashing problems needed to confirm transactions. However, when more and more miners joined the race, the self-adjusting difficulty of the Bitcoin protocol caused laptop and desktop CPUs to go out of relevance in the Bitcoin mining arena.

Claiming the block rewards now boiled down to a contest of who had the biggest share of the processing (hash) power. Coins became more valuable in 2012 and 2013, and cryptocurrency miners started looking for smarter ways to amass processing power. Advances were made in the software and hardware front. ASIC (or Integrated Specific miners came to play, kicking out the CPUs and ushering in the age of GPU mining.

The golden years of GPU Bitcoin mining spanned 2013 to 2017. It was very profitable and brought more users to the blockchain scene. Bitcoin was not the only cryptocurrency being mined – other lucrative coins were Ethereum (ETH), Tezos (XTZ) and Monero (XMR). When Bitcoin and most other altcoins hit their peak in December 2017, so did the miners’ interest in the ‘easy’ profits that could be made. Then a Bitcoin blockchain block reward could easily net $100,000 for 10 to 20 minutes of computing time. That is when big names like Bitmain and big mining pools like Antpool started dominating the industry and drove away hobbyists.

The rise of website browser miners

In late 2017, the hash power needed to mine profitably was just too much because of a heightened mining difficulty. People started seeing just how much potential this new financial system had. The difficulty and extremely high cost of setting up mining rigs threw people off. It led to an unreasonable demand for mining opportunities from all the people who were late to the party. At around the same time, ingenious miners developed a new form of harvesting coins – using computing power from distributed networks.

Why do websites mine only Monero and not Bitcoin?

Mining protocol developers devised ways of tapping website traffic. Websites with a high number of visitors can be monetized by making use of their extra computing power. The cryptocurrency miners would not focus on Bitcoin alone. Monero, which was then a new privacy coin, started becoming more feasible than Bitcoin for newbies and low-budget hobbyists. It did not require too much money, know-how or super-fast computers to mine. Dash is another popular coin that could be mined this way.

How browser mining works

According to a Symantec Security report, coins can be mined for using JavaScript APIs that run on the browser. Instead of downloading a dedicated executable file from, say, Minergate, and running it in a computer, mining extensions instruct the browser to solve mathematical equations (used for confirming crypto transactions), using the client’s computer.

The biggest developer of the browser miners is called Coinhive. The startup created a very neat package that would enable website owners to write a few lines of JavaScript code into their in-house code and deploy it to their visitors.

Coinhive proposed a new business model that provides a better browsing experience for site visitors while making money for the owner. In return for fewer ads, users would have Monero or Dash mining enabled during their stay on the site.

Crypto Heroes how to find out if websites you use are mining bitcoin TEXT

So, why all the noise?

This transparent model made sense. However, whenever there is an opportunity to corrupt, corruption inevitably takes place. It is human nature. Mining cryptocurrencies for ad revenues would have been a perfect way to go if only there was transparency.

Coinhive’s system was abused left, right and center. Sites would enable non-consensual stealth-mining without their visitors’ consent. The first major site to do this was The Pirate Bay, a popular filesharing and torrenting platform.

The Pirate Bay receives hundreds of millions of visits per year, yet has meager revenue. The platform cannot run AdSense and AdWords advertisements because of the nature of the content it provides. Google wouldn’t let it do so. For years, it relied on donations and some black-hat ads from the internet’s underbelly to keep the servers running.

Monero mining promised a brand new revenue stream for the torrenting site – and it secretly deployed the code on the front page. Within days, users found them out and perceived that the practice was malicious.

Unfortunately, since it takes valuable computer processing power of the user, it automatically becomes classified as a malicious agent. More and more sites started incorporating the incognito software, including popular content streaming sites. Showtimes, a site that charges users to view its content, got hacked – with hackers embedding the malicious code on their pages. With the growth in the hashpower needed for mining new XMR coins, the miners would often max out the processing capacity of the CPU – hence slowing down everything else.

It soon became a tell-tale sign that if your computer becomes super-slow during a certain website visit, it might probably have Monero-mining enabled in the background.

How to know if a website is using your CPU to mine Bitcoin

The fastest way of finding out if there has been cryptojacking on the website you are visiting is observing the way your computer behaves when you are in a particular site. If the computer becomes ridiculously slow, you might want to take a look under the hood.

If you are running a Windows Operating System, just right-click on the task bar and open the Task Manager. Take a look at the processes running in the background. If the CPU usage is more than 75 percent, it is a huge red flag that something out of the norm is happening.

If you are running a Mac, open the Spotlight and search for the Activity Monitor. From there, you can see what processes are taking up the bandwidth. If you cannot pin-point what is eating up the resources, close the browser and see if the computer processing speed improves.

If there is a marked recovery in the performance of the computer, you might have accessed a website with cryptojacking malware enabled – and hence you can make a decision whether to return to the site or not.

What if you wish to access the website but do not want to be mined?

If you are not a fan of a maxed-out CPU, but you still need to get into a site that has been cryptojacked? To do this, you install an ad-blocker that stops the mining scripts from working. If you are using Chrome, a good blocking extension is Adguard. You could also download the Opera browser, which has a built-in blocker to keep the miners off. MinerBlock is another great addition to this list.

Keeping Safe

Ultimately, you need to keep your computer safe from malicious attacks. Ensure that you have your antivirus updated and in good working condition (with settings set to the highest level of safety) before visiting potentially infected websites. Be careful not to download any suspicious files or email attachments because they may have executable programs that might install mining clients into your laptop.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending