Slashdot Mirror
Over 500 Million PCs Are Secretly Mining Cryptocurrency, Researchers Reveal (newsweek.com)
Ad blocking firm AdGuard has found that over 500 million people are inadvertently mining cryptocurrencies through their computers after visiting websites that are running background mining software. The company found 220 popular websites with an aggregated audience of half a billion people use so-called crypto-mining scripts when a user opens their main page. Newsweek reports: The mining tool works by hijacking a computer's central processing unit (CPU), commonly referred to as "the brains" of a computer. Using part of a computer's CPU to mine bitcoin effects the machine's overall performance and will slow it down by using up processing power. The researchers found that bitcoin browser mining is mostly found on websites "with a shady reputation" due to the trouble such sites have with earning revenue through advertising. However, in the future it could become a legitimate and ethical way of making money if the website requests the permission of the visitor first.
"220 sites may not seem like a lot," the researchers wrote in a blogpost detailing their discovery. "But CoinHive was launched less than one month ago on September 14. The growth has been extremely rapid: from nearly zero to .22 percent of Alexa's top 100,000 websites. "This analysis well illustrates the whole web, so it's safe to say that one of every forty websites currently mines cryptocurrency (namely Monero) in the browsers their users employ."
"220 sites may not seem like a lot," the researchers wrote in a blogpost detailing their discovery. "But CoinHive was launched less than one month ago on September 14. The growth has been extremely rapid: from nearly zero to .22 percent of Alexa's top 100,000 websites. "This analysis well illustrates the whole web, so it's safe to say that one of every forty websites currently mines cryptocurrency (namely Monero) in the browsers their users employ."
... 220 out of 100 000 is more like 0.22%
Heigh-Ho, Heigh-Ho
Follow the "raw research data" link from the original blog post, https://blog.adguard.com/en/cr...
really?
The company found 220 popular websites with an aggregated audience of half a billion people use so-called crypto-mining scripts when a user opens their main page
Uhh... why would any sane individual allow any web site they visited to have scripting control over their browser? Have they been asleep over the last 20 years that this has proven to be a stunningly poor idea? Have they missed endless malware attacking the JS interface, the endless shitware ads, the abuses of user's experience with pop-unders and auto-play shit, and now things like this?
Holy macaroni, people. It's YOUR computer! Exercise a little bit of control over it already, instead of endlessly bitching that the random people you gave control to who you have no reason at all to trust are doing things you don't like.
I'd rather support a website with cpu cycles anonymously than advertising. They have to eat too.
Jesus mother fucking Christ bouncing on an inverted mother fucking pogo stick, are you seriously including shit like this in what you choose to reference in the goddamned mother fucking summary?
BeauHD, if you're so goddamned fucking stupid that you need to point to articles which have this drivel, and include it here on Slashdot ... you're not fucking qualified to post fucking articles to Slashdot.
Go the fuck home, suck your thumb, and shut the fuck up.
Anybody on Slashdot who doesn't know what is CPU is, please, for the sake of all of us, go home, shut up, and fucking kill yourself in shame.
Fuck people, if you can't cite intelligent articles, don't fucking use them at all.
How did we get such retards posting articles on Slashdot? Fucking hell, Slashdot really is dying.
The mining tool works by hijacking a computer's central processing unit (CPU), commonly referred to as "the brains" of a computer
Wow, that's amazing! Who would have thought of carrying out an attack in this manner!
Gee, none of us here knew that. Thanks a lot Sherlock, for that amazing piece of information!
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Let's get down to brass tacks: How do I stop the bitminer? Can't I just close the web page? Or do I need to close the whole browser? Does the miner start up again when I relaunch my browser? I've been watching Firefox hog 4/5th of my PC's resources, with chronic pauses ("the browser has stopped responding") so bad that I can't switch tabs and even animated gifs freeze. Other programs run like nothing's going on. It gets worse and worse as the day goes on. Every add-on disabled. I visit one of these affected websites a couple times a week.
So... rampant abuse of the unsuspecting public -- which, one could argue, *should* generate a bit of outrage here.. ...and y'all are busy outraging about what a shoddy article was used to make this summary?!
C'mon guys. Get with it! So what if the summary is crap -- the message is this shit (the cryptomining) is spreading like wildfire. That's where the outrage should be!
The "Civilized World" jumped the shark ca. 1973.
Does this include Slashdot and its other sites? No I am not being a coward for choosing to be anonymous, the spyware that comes with stuff from Sourceforge is extremely worrying so I wouldn't be surprised if Slashdot also participate in using peoples computers for this sort of thing. Ethically and Morally it is not beneath them.
Wouldn't you notice your load average pegged for no obvious reason, and investigate?
The effect is quite audible on my macbook pro. If I visit thepiratebay results page and disable adblock plus, the fans noise up from zero to the top speed in 30 seconds. Firefox CPU usage jumps to 25%. This stops as soon as the web page is closed, of course.
17779 eligible voters in a district, 17779 'vote' as one. This is Russia.
Who 'commonly' refers to the CPU as the brains of a computer? I have never in my life heard anyone use that term. It's a fucking stupid term and you should feel bad for even thinking it.
P.S. Could that be a reason for inconsistencies in battery life tests of the latest MBPs?
17779 eligible voters in a district, 17779 'vote' as one. This is Russia.
Since microtransactions are too expensive (due to high transaction fees) on many cryptocurrency networks, it makes sense that free websites would just have the visitor do some mining instead. Instead of say 2 satoshis to view an article on Wall Street Journal, you just donate a certain number of hashes (total, not per second) per article.
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
> Using part of a computer's CPU to mine bitcoin effects the machine's overall performance and will slow it down by using up processing power.
If you are effecting the CPU using a bitcoin miner, then stopping the bitcoin miner will have no affect except on the bitcoin mining. Use the computer's own CPU instead and you won't have any problems.
A report written by someone who seems to be only semi-literate really isn't worth paying much attenton to.
there's a new adblockplus compatible filter list that specifically targets this...
https://github.com/hoshsadiq/a...
it's only about a month in the making, so please contribute as this problem is only going to get worse over time.
Honestly, this seems preferable to me to being bombarded with ads on some website.
But let's be honest here - no site that assaults you with a ton of ads is going to switch over to having the visitors mine coins - they're just going to add that the list of things they use to make money, along with the ads.
Is this really something to get so worked up over? It's only doing it in a browser process, and it's only going to be real problem if you happen to be using the crappy browser to begin with. Like most people I hate ads but I also don't want to pay for online subscriptions. If this generates revenue for a content provider without getting in my way then how is that anything other than a win-win?
" 2.2 percent of Alexa's top 100,000 websites."
Uh, 2.2% of 100000 is 2200, not 220. So, should it be top 10,000, or what?
Those numbers are based on total monthly traffic stats. Only a small number of this "total" users are affected.
The mining tool works by hijacking a computer's central processing unit (CPU), commonly referred to as "the brains" of a computer.
Idiocracy, here we come. I suspect we'll have to start talking in 3rd grade language when Kid Rock is president.
We'll make great pets
People are still enabling javascript for every site on the web, in 2017?
Yeap, well done greedy websites. I've "tolerated" ads for a long time. I'm rolling out adblockers to all my systems, if a site wont load, I just wont use it anymore.
For a list of servers that bushwhack you with this script see here https://censys.io/domain?q=%22coinhive.min.js%22&page=1/ & add them as blocked to hosts (you can query 12 pages a day OR MORE if you join as a member) + blpcking the coinhive servers (so you can't be infected by blocking them OR even IF you have it already, it won't be able to 'talk back' to its C&C servers) in hosts via e.g.:
0.0.0.0 coinhive.com
(There are 100's more listed in the link above)
APK
P.S.=> For the best hosts file possible for more speed, security, reliability & anonymity online APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ ... apk
For a list of servers that bushwhack you with this script see here https://censys.io/domain?q=%22coinhive.min.js%22&page=1/ & add them as blocked to hosts (you can query 12 pages a day OR MORE if you join as a member) + blpcking the coinhive servers (so you can't be infected by blocking them OR even IF you have it already, it won't be able to 'talk back' to its C&C servers) in hosts via e.g.:
0.0.0.0 coinhive.com
0.0.0.0 coin-hive.com
0.0.0.0 www.coin-hive.com
(There are 100's more listed in the link above & checking to see if this article's sources have MORE ontop of this is a good idea just in case...)
APK
P.S.=> For the best hosts file possible for more speed, security, reliability & anonymity online APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ ... apk
Hosts protect where addons can't (or as well):
Bad sites (past ads)
Botnet C&Cs
DNS down or poisoned
Trackers (dns logs/ads/transparent ISP proxy)
Dns blocks
Spam/phish payload
Slowdown 2 ways: adblocks & hardcodes
Hosts = Ez edit.
AB+ 151mb https://www.google.com/search?q=Adblock+memory+consumption&btnG=Search&hl=en&gbv=1/
UBlock 64MB https://www.google.com/search?q=UBlock+memory+consumption&btnG=Search&hl=en&gbv=1/
Hosts~16mb
Addons = ClarityRay defeatable & crippled http://www.businessinsider.com/google-microsoft-amazon-taboola-pay-adblock-plus-to-stop-blocking-their-ads-2015-2/
NoScript tag parses. Hosts block script prior to it!
No 1 addon does as much.
Stacked addons slowup.
ADDONS = EXPLOITABLE https://news.slashdot.org/comments.pl?sid=11166303&cid=55266729/
APK
P.S.=> For the most complete list of servers to block vs. this coinhive madness see https://news.slashdot.org/comments.pl?sid=11233583&cid=55368753/
See subject: I *just* finished gathering the coinhive servers to block (minus joining) so it took me ~4 days to get them all (FYI).
APK
P.S.=> Enjoy being safe(r) vs. this thing & there's probably going to be more of these over time to add into hosts as blocked... apk
Stops external script requests.
One of the best simple firefox addons rarely talked about.