back to article Real Mad-quid: Murky cryptojacking menace that smacked Ronaldo site grows

Cryptojacking is well on its way to becoming a new menace to internet hygiene. On some sites, internet publishers are making money by using the spare processor cycles of visiting surfers to mine cryptocurrency, using scripts running in the background on pages to mine coins. In other cases, hackers have planted JavaScript on …

  1. tmTM

    The new replacement for ads?

    Not sure what I'd rather (not) have to be honest

  2. Andy Tunnah

    I'm OK with this

    Honestly, I'd rather give up CPU cycles than see intrusive (or any, really) ads. I'm fortunate enough, probably like most people here, to have a powerful CPU, so the cycles are spare anyway. I could see how for a lot of users it'd be more of a problem.

    It'd be nice to see it evolve into a way for it to be managed, via some sort of side action of seeing how well the page is loading, to determine how much strain the mining is having on the user.

    But when I'm browsing the web, it tends to be all I'm doing (bar a tv show or movie playing in the corner) so I think it's a great way to help pay for sites.

    The problem is the internet has always been "free", and that mentality is never really going to go away. Far too many people see ads as some sort of insult almost, even if they're not intrusive; just them existing is a problem. But content creators need to get paid!

    1. Anonymous Coward
      Anonymous Coward

      Re: I'm OK with this

      true what you say about ads being an insult. number of products I've boycotted because of their ads mostly on youtube.

    2. Mike 125

      Re: I'm OK with this

      Once upon a time, we searched for ET. Ahhh innocent bygone days.

    3. Trigonoceps occipitalis

      Re: I'm OK with this

      There is a cost for background mining, power, life of CPU etc. OK, perhaps minuscule and something I would agree to if asked for informed consent. The crucial point is that I am not asked so have not agreed and it is theft.

      The other concern is security. Who knows what may be smuggled onto my PC along with the mining script.

  3. Anonymous Coward
    Anonymous Coward

    I've been noticing something the past month or two

    Previously I'd leave Firefox running for 3-4 weeks before it would get slow and I'd need to restart it. Lately I've needed to restart it a couple times a week, but I haven't updated it since early June. Makes me wonder if at some point I'm visiting a site with one of these Javascript miners, and it is somehow continuing to run in the background even after I've closed the tab/window for the site. Is that possible? Any way to tell?

    1. Aitor 1

      Re: I've been noticing something the past month or two

      Not possible unless they hack you computer. I got some nasties delivered to my computer last week, a nice 0 day from banners, and there very few pages that I have not blocked, including theregister.

      1. Anonymous Coward
        Anonymous Coward

        Re: I've been noticing something the past month or two

        Well I should be pretty safe from drive by malware, since I run Linux not Windows.

  4. Dr Who

    Troy?

    Something fishy going on here. First we have Troy Hunt and now Troy Mursch. Can this be coincidence? Troy is where trojans come from. I smell a horse.

    Whatever the truth may be, if I ever become a security pundit I'm changing my name to Troy Who.

    1. tiggity Silver badge

      Re: Troy?

      A menage a Troy

  5. The Dogs Meevonks Silver badge

    This is why the NoScript plugin has become one of the most essential things any user needs... Been using it for years and have already been able to block attempts to run this kind of code... domains like coinhive are also now blocked at the source.

    If you don't run anything to block scripts, you only have yourself to lame when/if something dodgy happens to your system.

    I'd also recommend privacybadger and a good adblocker as the minimum steps every user should take.

    Lastly... ditch chrome/edge and use firefox... I can't comment on browsers like safari or others as I've never used them.

    1. MiguelC Silver badge

      Running No script is fine, but...

      Problem is those attacks can come for legit sites that got hit by dodgy ads. You might think you're allowing the site you're visiting to present content properly but at the same time letting the malware in.

      You can block other domains but, again, many sites use third-party JS code and need them for core functionality.

      The web's a tough world...

  6. John Smith 19 Gold badge
    Unhappy

    Only they're not "running" this code are they?

    You are.

    On your PC/Slab/phone/Slate/whatever.

  7. Scroticus Canis
    Holmes

    Misuse of Computer

    Unless the user has specifically OKed the running of mining scripts they should fall under the misuse of computer laws; the code is making the computer do something not expected by the user or required to deliver the site's content.

    Unless covered in the sites terms and conditions (not buried in them) or covered by a pop-up asking if it is OK, it just can't be legal to my mind.

    Having said that I can see it would be useful for funding niche/hobbyist sites and would be OK with it provided the user is kept informed.

    1. pdh

      Re: Misuse of Computer

      > it would be useful for funding niche/hobbyist sites and would be OK with it provided the user is kept informed

      If managed properly (maybe via "official" browser or protocol support) maybe this could be a way to do truly unobtrusive micropayments? I.e. I let you use 10% (or whatever) of my CPU cycles for the duration of the time that I'm visiting your website, and in exchange you show me no ads and you collect no data about me.

    2. Anonymous Coward
      Anonymous Coward

      Re: Misuse of Computer

      "Unless the user has specifically OKed the running of mining scripts they should fall under the misuse of computer laws"

      Did you approve any of the various other intrusive and annoying crap scripts do? Ever heard of anyone prosecuted for what a non directly destructive or hacking script does?

  8. Anonymous Coward
    Anonymous Coward

    Ghostery

    Ghostery just notified me of updates to its list of blocks available, which I automagically have set, and guess what? Coin Hive is on the list under Essentials. Useful to know if your looking for killing these by default.

  9. Anonymous Coward
    Anonymous Coward

    A quick check on U-Block Origin shows that the AdGuard Base List contains:

    ! Block CoinHive

    !+ PLATFORM(ext_ff, ext_opera, ios, ext_android_cb, ext_ublock)

    ||coin-hive.com^$third-party,domain=~cnhv.co

    !+ PLATFORM(ext_ff, ext_opera, ios, ext_android_cb, ext_ublock)

    ||coinhive.com^$third-party,domain=~cnhv.co

    ||xbasfbno.info^$domain=oload.info|oload.tv

    ||jsecoin.com^$third-party

    ||minemytraffic.com^$third-party

    ||afminer.com^$third-party

    ||coinnebula.com^$third-party

    ||crypto-loot.com^$third-party

    Other lists probably also address this...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like