Report claims ecommerce sites are hijacking visitor CPUs to mine digital coins

CoinHive
Several months ago, reports surfaced claiming that CBS-owned Showtime was allegedly accessing the processors of PCs visiting two of its websites to secretly mine virtual coins. The process is called “cryptojacking,” and relies on code embedded in a website that silently runs mining software within the visitor’s browser. It’s a growing problem, and a recent report indicates that it’s even spreading across legitimate ecommerce sites, generating virtual money in the background while you spend real-world cash.

The growing practice of mining virtual coins within a visitor’s browser stems from a new JavaScript kit called CoinHive. There’s nothing malicious about this software, as it’s specifically designed to mine virtual coins within a web browser using the visitor’s processor. It’s meant to be an alternative payment method for visitors: mine coins for the site in return for free downloads, ad-free video streaming, in-game items, and so on.

But in a report provided by independent security researcher Willem de Groot, he found at least 2,496 online stores running CoinHive in the background. Even more, 80 percent of these online shops were likely not running the mining software on purpose, as he discovered they were also infected with malware that steals payment information during transactions, also known as “payment skimming.”

Groot also notes that out of the 2,496 infected ecommerce sites, 85 percent were linked to a mere two CoinHive accounts, and the remaining 15 percent were connected to multiple unique accounts linked to the ecommerce companies. Groot believes that the bulk of the infected sites are running outdated ecommerce software with well-known software vulnerabilities, enabling hackers to inject these sites with CoinHive and payment skimming malware.

At the time of this post, one “infected” website was Subaru’s online shop in Australia. Sure enough, when we visited the site, the tab in Google’s Chrome browser began using 45 percent of our CPU, waking up the chip’s cooling fan. Once we exited the page, the tab’s CPU usage dropped back down to near zero, and the fan went quiet. We didn’t find any reference to CoinHive in the site’s source code, but rather a hidden “iframe” that loads up a page labeled “Apache2 Debian Default Page.” The CoinHive JavaScript resides towards the end of the page’s code so it’s not blatantly visible on Subaru’s website.

CoinHive

There’s also something definitely going on at Musicas.cc. When we visited the site, the Chrome browser tab shot up to nearly 90 percent of CPU usage. We also found the CoinHive JavaScript listed at the end of the page’s source code, verifying that it is indeed mining virtual coins in the background without any warning on the site’s main page.

“Some sites bluntly include the official coinhive.js file, others are more stealthy,” he reports. “Others disguise as Sucuri Firewall.”

To prevent sites from hijacking your processor for digital coin mining, you can use stand-alone software with a built-in ad-blocker, or install a similar plugin within the browser. Another method is to edit the “hosts” file located in the “windows\system32\drivers\etc” directory with Notepad to add “coin-hive.com” and “coinhive.com” on the blocked list.

Product Review

Google’s Pixel 3 is a hair away from pocket-sized perfection

Google’s Pixel 3 smartphone is the best Android phone you can buy. It doesn’t have the best looks or the best hardware, but you’ll be hard pressed to find better software and unique A.I. functionalities.
Gaming

Jump into an internet DeLorean and play free Commodore 64 games online

The Internet Archive has added more than 8,800 full Commodore 64 games to its software library. Here's how you can play them completely free in your browser without the need for a joystick.
Computing

Spoof Adobe Flash updaters are inserting cryptocurrency mining malware

As part of these attacks, bogus Adobe updaters go on to legitimately update Flash Player and throw users to an official website on completion. Unfortunately, they also embed an "XMRig" mining bot in the process.
Cars

Ford hatches a software update to fix a fiery problem with its GT supercar

Ford warns 200 examples of the GT supercar built between December 2016 and July 2018 can catch fire if hydraulic fluid leaks from the rear wing onto the hot exhaust. It will fix the problem with a software update.
Computing

Nvidia is slowly rolling out its next generation of GPUs. Here's what you need to know about them

Nvidia's new RTX 2000 series graphics cards are impressive pieces of hardware, with some amazing advancements and some rather high price tags to match. Here's everything you need to know about Nvidia's new top-tier cards.
Computing

Lenovo and Dell make great professional laptops, but who does it best?

Finding the best laptop for professional use at the office, on the move, and at home is no easy task. There's plenty to choose but to find the best of the best, we pitted the Lenovo ThinkPad X1 Extreme vs. Dell XPS 15.
Computing

Personal info of 30,000-plus Pentagon employees compromised in contractor breach

The Pentagon is facing another security problem after it was discovered that a contractor was responsible for a leak of data that affected more than 30,000 Pentagon employees, both civilian and military.
Emerging Tech

Here’s all the best gear and gadgetry you can snag for $100 or less

A $100 bill can get you further than you might think -- so long as you know where to look. Check out our picks for the best tech under $100, whether you're in the market for headphones or a virtual-reality headset.
Emerging Tech

What the heck is machine learning, and why is it everywhere these days?

Machine learning has been responsible for some of the biggest advances in artificial intelligence over the past decade. But what exactly is it? Check out our handy beginner's guide.
Computing

Did your Windows 10 audio stop working after the update? Microsoft has a fix

Microsoft has released a small patch for its October 2018 Update build of Windows 10 following some users facing audio issues that resulted in no sound output at all. After this fix, that problem should disappear for good.
Photography

Adobe’s Premiere Rush is a video-editing app designed for social media projects

At Adobe MAX 2018, Adobe unveiled updates across the board for all of its Creative Cloud apps, from the release of Premiere Rush CC, a social-focused video editor, to Project Gemini, a digital drawing and painting tool.
Computing

World’s first 49-inch, dual QHD curved monitor tops Dell’s new line of displays

Dell's world's first 49-inch dual QHD curved monitor and other new displays come packed with innovative design features and technologies aimed at meeting demands of workflows everywhere.
Computing

Updated Intel processor benchmarks still beat AMD Ryzen competitor, but by less

After some controversy, updated Principled Technologies testing shows the Intel i9-9900K with a reduced lead over the AMD Ryzen 2700X in benchmarks, and with the AMD Ryzen 2700 X seeing better performance. 
Home Theater

HDMI 2.0b is a whole lot more than just a connection to your TV

HDMI 2.0b is the backbone for many of the latest updates in 4K UHD technology. And while a new cable standard can often involve a bunch of changes for consumers, that is not the case this time around.