Popular websites mining behind users’ back

SHARE THIS POST:

Chrome extension, The Pirate Bay, Showtime and dozens of sites. Hackers and site owners found a new way to earn money. Legal or not, it’s happening.

“Arrr! We, Pirates, demand…!”

Some time ago if you visited The Pirate Bay site, your computer instantly started to crunch the numbers what leads to digging cryptocurrencies without user’s knowledge. Users of this infamous site reacted very quickly as they noticed extremely high CPU utilization during loading pages on site full of torrents. After complaints, Pirates from the Bay admitted:

“As you may have noticed we are testing a Monero javascript miner.

This is only a test. We really want to get rid of all the ads. But we also need enough money to keep the site running.

Let us know what you think in the comments. Do you want ads or do you want to give away a few of your CPU cycles every time you visit the site?”

After an explanation of The Pirate Bay visitors agreed to following terms, but shouldn’t the owners have told users about their tests before?

“I think this is an interesting idea. Keeping users informed is essential though. Giving registered users possibility of choosing between ads and mining might be also viable […]” – Hiroven, 09-16

Now, the site is using only 20-30% of user’s CPU explaining yourself that previous 80-100% was a “small typo”. Well, as I checked last time numbers 8 and 9 are pretty far away from 2 and 3.

Follow the Pirates

The authors of SafeBrowse extension plugged in Chrome Browser found the idea of mining for Monero very interesting. As The Pirate Bay owners, SafeBrowse hasn’t informed users about embedding the Coinhive JavaScript Miner too. In contrast to The Pirate Bay site that users have to browse to start mining, SafeBrowse extension is working all the time making users’ computers slow and hard to use. This Chrome extension should protect over 14,000 users. Instead, it crashed their computers. Some of the users wrote posts on Reddit about the problem asking others to report this extension. As you can see here, a SafeBrowse extension is no longer available in Chrome Store. Creators of SafeBrowse has provided Bleeping Computer the following statement:

“Unfortunately we have no knowledge, apparently has been a hack. I’m currently researching, I have already contacted the Google team. The extension has not received an update for months, so I do not know what it’s all about.”

It’s not the first time authors of the SafeBrowse extension or alleged hackers were trying to smuggle something shady into code. In 2015 researchers found that SafeBrowse and few other extensions plugged in analytics code that tracks users in a web.

Showtime and… mine?

As The Pirate Bay and other sites plugged Coinhive Javascript Miner in a partially smart way, Showtime did it just wrong. But first, Showtime is a platform that allows users to watch selected movies and TV series for a monthly charge. That fact doesn’t bother owners of VOD to earn some extra money by mining Monero. The problem appeared when Showtime users noticed the deterioration of videos. Well, authors of Showtime definitely didn’t overthink that move. After users’ complaints code on Showtime site became clear. In the end, Showtime refused to comment on that case. A proof you can see here.

Not only on very popular sites users could find a malicious code for mining cryptocurrencies. Visitors started to mine Monero while visiting many of Polish and Bulgarian informational sites.

There is a suspicion that scripts are spreading by advertising system. The truth is known only by sites’ owners.

 

The blockchain24.co site shall not be held responsible for any consequences resulting from the use of data contained in the pages of the site.

If you feel like sharing your thoughts and knowledge about cryptocurrencies, or write and publish a whole article just send us to [email protected] We would love to publish your piece on our platform!

If you want to comment this article, visit our Blockchain24.co forum!

The blockchain24.co site shall not be held responsible for any consequences resulting from the use of data contained in the pages of the site.