Common threats like adware and spyware have a new tricky classmate called “cryptojacking”. Cryptojacking secretly uses your system or laptop or mobile device to mine cryptocurrency when you visit an infected site.
Malicious miners aren’t new in themselves, but cryptojacking has exploded in popularity over the past few weeks, because it offers a clever twist. Bad guys don’t need to sneak software onto your computer to get it going, which can be a resource-intensive attack. Instead, the latest technique uses Javascript to start working instantly when you load a compromised web page. There’s no immediate way to tell that the page has a hidden mining component, and you may not even notice any impact on performance, but someone has hijacked your devices—and electric bill—for digital profit.
The idea for cryptojacking started in mid-September, when a company called Coinhive debuted a script that could start mining the cryptocurrency Monero when a webpage loaded. The Pirate Bay torrenting site quickly incorporated it to raise funds, and within weeks Coinhive copycats started cropping up. Hackers have even found ways to inject the scripts into websites mining money for themselves off of another site’s traffic.
Opera 50 Beta RC released with an in-built anti-Bitcoin mining feature called NoCoin – Cryptocurrency Mining Protection.
Like so many web tools, cryptojacking has plenty of promise as an innovation—and plenty of people happy to exploit it.