Page 1 of 1
Silent Crypto Miners Appearing on Websites
Posted: Sun Sep 17, 2017 11:36 am
by gotitbro
I just came across a website that was using a silent
JavaScript miner (crypto miner) called
Coinhive which was using a lot of CPU of my not so powerful device. These JavaScript mines seem to have gained popularity in recent times especially with news reports coming in that even The Pirate Bay has started using these miners (actually the same Coinhive one).
I get why websites are turning to these JS miners, to get some revenue with cryptocurrencies maybe because ads aren't performing that well. But that doesn't give them the right to use my machine as a node for their mining purposes
without my consent. All they had to do was show a little popup asking my permission.
What do you think about these silent JS miners?
More Info: https://github.com/uBlockOrigin/uAssets/issues/690
TPB Report: https://torrentfreak.com/the-pirate-bay ... er-170916/
Re: Silent Crypto Miners Appearing on Websites
Posted: Mon Sep 18, 2017 3:41 am
by LanikSJ
gotitbro wrote: ↑Sun Sep 17, 2017 11:36 am
What do you think about these silent JS miners?
If someone is using my machine or resources for their own personal gain justified or not is not cool with me. Especially when it's done without my consent. Might as well be malware AFAIC.
Re: Silent Crypto Miners Appearing on Websites
Posted: Mon Sep 18, 2017 8:06 am
by gotitbro
[mention]Lanik[/mention] Exactly, but here we have people who not only have no problem with TPB for doing so but also support it
https://torrentfreak.com/the-pirate-bay ... qus_thread. When I asked for why this was so I got a response hat this is better than malicious ads.
It seems like a right justification but now that I think about it is it really? This seems worse than malicious ads to me I don't even have take any action here.
Re: Silent Crypto Miners Appearing on Websites
Posted: Mon Sep 18, 2017 1:14 pm
by -Mark-
That's f*** invasive! Forcing visitor's resources downright for personal gains is unacceptable, needs to be firewalled.
Gorhill created a filterlist for that-
https://raw.githubusercontent.com/uBloc ... tterns.txt
Adding that now
Re: Silent Crypto Miners Appearing on Websites
Posted: Tue Sep 19, 2017 8:40 am
by gotitbro
[mention]-Mark-[/mention] That filter list still seems to be a work in progress something could still change drastically with it. And you're right its invasive it is beyond me why people are even supporting this.
Re: Silent Crypto Miners Appearing on Websites
Posted: Thu Sep 21, 2017 2:07 pm
by smed79
Re: Silent Crypto Miners Appearing on Websites
Posted: Sat Sep 23, 2017 10:45 pm
by gotitbro
[mention]smed79[/mention] That list seems to be fairly new. Is it correct to add it to the database without much testing?
Were you the one who added it on the ABP page?
Re: Silent Crypto Miners Appearing on Websites
Posted: Sun Sep 24, 2017 1:26 am
by smed79
gotitbro wrote:Were you the one who added it on the ABP page?
Why me? I have just found this list by accident at
ABP sub page when I wanted to subscribe to Fanboy's Annoyances.
gotitbro wrote:Is it correct to add it to the database without much testing?
I don't understand what you mean by "without much testing"?
For any other question/issue ask at
https://github.com/hoshsadiq/adblock-nocoin-list/issues
Re: Silent Crypto Miners Appearing on Websites
Posted: Sun Sep 24, 2017 1:31 am
by gotitbro
[mention]smed79[/mention] I thought you had some control over ABP's subscription page :p
What I meant with not much testing was that we don't know if its going to be an actively maintained list and handled properly, that is all.
Re: Silent Crypto Miners Appearing on Websites
Posted: Sun Sep 24, 2017 1:49 am
by smed79
You can follow the
NoCoin repo on github and
proposed to optimize the filters if you see something not handled properly.
Re: Silent Crypto Miners Appearing on Websites
Posted: Thu Oct 26, 2017 4:12 pm
by gotitbro
How it all began:
https://news.ycombinator.com/item?id=15246145
The above entry was posted on Hacker News (HN) on 14 September, 2017 by
pr0gramm which operate the
pr0gramm.com German imageboard. pr0gramm are the original creators of
Coinhive as they have themselves told us on
their webpage (have since removed this info and shifted the Coinhive website to coinhive.com from coin-hive.com). Coinhive as told by the creators originated from an experiment on the imageboard itself which itself was curiously completely opt-in and had to be run in a separate tab (miner.pr0gramm.com).
Just two days later on 15 September, 2017 it was reported that
The Pirate Bay (TPB) has started using Coinhive and taking in account the time frame TPB probably got acquainted with Coinhive through the HN thread. Browser based cryptominers which were unheard of at the time got a lot of media exposure due to being used by the one of the most popular torrent sites. In no time there were multiple web based crypto miners available for anyone willing to
use them even as plugins. The web mining segment is highly saturated as of now with many solutions available being used mostly on piracy and not so trustworthy websites.
I am not saying that Coinhive/pr0gramm were the first to implement browser based mining but they sure made it mainstream.
Re: Silent Crypto Miners Appearing on Websites
Posted: Fri Oct 27, 2017 2:38 am
by smed79
Re: Silent Crypto Miners Appearing on Websites
Posted: Fri Oct 27, 2017 10:00 am
by gotitbro
Yes I read about that. Just goes onto show their "security". Thankfully the hacker didn't do something nefarious such as spreading malware just changed the settings to get the all Monero mined for the websites for himself.
He apparently found their password from the 2014 Kickstarter data leak. I can't believe they didn't change their passwords after that.
Re: Silent Crypto Miners Appearing on Websites
Posted: Sat Oct 28, 2017 7:12 am
by smed79
? WhoRunsCoinhive => http://www.whorunscoinhive.com/thelist
Re: Silent Crypto Miners Appearing on Websites
Posted: Sun Oct 29, 2017 4:29 pm
by gotitbro
Nice website. I do not understand what they mean by "Coinhive Site Key". Is it the same as Google Analytics, FB website tags?
Re: Silent Crypto Miners Appearing on Websites
Posted: Sun Oct 29, 2017 5:42 pm
by smed79
e.g
kickass.cd ==>
http://i.imgur.com/AOw3on1.png (
joztQmQ87OjS1....
).
"
the ‘site key’ is a unique identifier to indicate which beneficiary will be paid" - Coinhive’s documentation.
Re: Silent Crypto Miners Appearing on Websites
Posted: Sun Oct 29, 2017 7:32 pm
by gotitbro
So, the site keys that are listed and contain multiple domains probably belong to one person/entity?
Eg: http://www.whorunscoinhive.com/coinhive_id/OT1CIcpkIOCO7yVMxcJiqmSWoDWOri06
Also when tried to search kickass.cd on the whorunscoinhive.com website it did not detect it :/