Coinhive ceases operations – is it the end for Cryptojacking?

M.Sc. Chris Wojzechowski

Coinhive ceases operations – is it the end for Cryptojacking?

The digging of crypto currencies can lead to a constant income – in cryptojacking external computing power is used. The more computing power, the more money is earned. However, this type of attack loses interest. That the procedure is established as an alternative to normal advertising is also less likely.

How to dig for crypto currency?

A crypto currency is a digital currency with the peculiarity that it is neither controlled by a state nor by an official authority. The community itself is responsible for checking and booking transactions.

This job is taken over by Miner, whose computing power enables the transactions. For this, the miners themselves are paid with a cryptic currency. The creation of new data blocks, which are inserted into the chain anew for each transaction, usually requires an increasing demand on the computing power.

If you would like to earn money yourself as a Miner, it is advisable to purchase good hardware.  After all, the successful digging of crypto currencies depends on the computing power. Therefore, a faster graphics card leads to higher earnings. This is one reason why high-end graphics cards have risen sharply in price since the Bitcoin boom began.

But besides the hardware, the power costs must not be ignored! There are about 14,275 USD electricity costs if you want to mine 1 Bitcoin in Germany. This is described by a statistic from 2018. The average Bitcoin price in 2018 was approximately USD 7,500. The electricity price in Germany is relatively high compared to the rest of the world. This is why many miners come from countries with lower electricity prices, e.g. China.

Coinhive and Monero

The market for crypto currencies is broadly based. There are now well over 1,000 different currencies. Some connect digital business models, others are called so-called Shitcoins. The Bitcoin is particularly well known. It recorded an extremely high increase at the beginning of 2018.

Crypto currencies rise and fall strongly in price. Cryptojacking is especially interesting for criminals at high prices!
Crypto currencies rise and fall strongly in price. Cryptojacking is especially interesting for criminals at high prices! (Source: Coinmarketcamp)

The Coinhive software was a platform that allowed miners to mine the crypto currency Monero. The special thing was that a Coe Snippet on the website was enough to use the computing power of the visitors to mine with it.

Monero, like Bitcoin, is a blockchain-based crypto currency that has grown steadily over the past 90 days. The ups and downs of the currencies can always be seen in the browser . But the software Coinhive stopped all services on 30.04.2019, so that the miners could no longer mine moneros with this software.

What is a cryptojacking attack?

In contrast to the Ransomware attacks, the victim or affected website should not even notice that it has been hacked. Cryptojacking is all about using the victim’s computing power to dig up a crypto currency for the attacker. The well-known OWASP Top 10 vulnerabilities were exploited as a gateway. But there are even more ways how to get the snippet to the website.

The Future of Cryptojacking

Basically, it is good that a platform that has been used by criminals stops the service. But whether this will decrease Cryptojacking is another question.

Optimistically, cryptojacking could decrease. But seldom it brings something to stamp the tool. This is a problem with drug trafficking, the mafia and organized crime. The gap that has arisen is closed. With cryptojacking, the only question is when the time will come. If the visit of your own website demands an exceptionally high computing capacity – become skeptical!

The legal use of cryptojacking – is this possible?

Due to the criminal image of cryptojacking, the positive possibilities resulting from it are pushed into the background. Personalized advertising on websites, especially on Facebook, is a thorn in the side of many people. Financing the costs via crypto currencies would have been one way to cover the costs. In this case the operator of the website would earn money by digging the crypto currencies through the computing power of the visitors.

In order to use this financing possibility, the operators should consider a few rules. The eco-Verband has published a position paper describing the possibilities of legal use. An excerpt of these rules is as follows:

  • operators of a website or manufacturers of an app must explicitly inform the user that the website or app performs crypto mining and accesses the user’s resources
  • The user must be able to stop the crypto mining process at any time
  • The code used must be machine-readable at all times. The obfuscation of URLs and JavaScript code should be omitted

    • .

How these theories will establish themselves in practice remains to be seen. As long as there are crypto currencies, however, prospecting remains an issue and probably also a business model for criminals.

Photo of author

M.Sc. Chris Wojzechowski

My name is Chris Wojzechowski and I studied my Master in Internet Security in Gelsenkirchen a few years ago. I am one of two managing directors of AWARE7 GmbH and a trained IT Risk Manager, IT-Grundschutz practitioner (TÜV) and possess the test procedure competence for § 8a BSIG. Our bread and butter business is performing penetration testing. We are also committed to promoting a broad understanding of IT security in Europe, which is why we offer the majority of our products free of charge.
AWARE7 GmbH - Logo

+49 (0) 209 - 8830 6760

info@aware7.de

Google Plus Code F4X5+M2

Company

AWARE7 GmbH
Munscheidstr. 14
45886 Gelsenkirchen
Imprint | Privacy

About us
Open positions

Resources

Free e-learning
Downloads
Projects