SecurityTrails Blog · Oct 02 · SecurityTrails team

How much cryptocurrency can a web cryptominer actually mine?

In 2017, we saw a resurrection, of sorts, of web mining. Why do we say “resurrection”? Because despite a drop in popularity after its release to the world in 2011, it has recently been re-introduced to us in a new form.

We have reported on the malicious cryptocurrency mining operation using JavaScript, which could have contributed to the bad word-of-mouth surrounding web mining, but an increase in browser-based cryptomining is drawing people to it once again.

Before we dive deeper into the subject of web cryptomining, and how it differs from ‘normal’ data mining, let’s first get comfortable with all that web mining is, and explore the history behind it.

What is web cryptomining?

In short, web cryptomining occurs when a script, written in a language like JavaScript, is embedded in a browser, a website or a page on a website. While that page is open, the script performs cryptocurrency calculations through the browser, using the local CPU of website visitors. This lets whoever holds the cryptocurrency key make money from all the hashes computed.

There were numerous reports of websites being hacked and having cryptocurrency mining scripts added to them. A regular visitor to a website with such scripts might not notice anything out of the ordinary, but some have reported shortened battery life and devices heating up quickly, sometimes even becoming extremely hot to the touch, as the affected websites use their CPU power.

A little on the history of browser mining

Going back to 2011, BitcoinPlus.com was launched as a revolutionary service using JavaScript code: website owners could sign up and embed scripts on their websites, allowing visitors to mine Bitcoin for them. Its sole focus was on Bitcoin, as in those years Bitcoin mining was the easiest and cheapest solution; cryptocurrency prices were low, and its level of difficulty even lower, making it possible for some weaker hardware to perform cryptomining.

BitcoinPlus.com’s fees could not cover the costs of electricity usage, and because explaining to your visitors why their CPU was being used was not an easy task, it was quickly left behind.

Another resurrection of browser mining took place in 2013, when a group of students at MIT launched a project called Tidbit. This dabble in browser mining didn’t last long either: it attracted attention from the law, and was investigated on charges of unlawful access to a person’s computer processing power.

After these failed attempts to make web crypto mining a ‘thing,’ interest in it calmed down. Though largely forgotten, the idea has lingered: use the hardware users already have in their homes, and combine its mining power to create added revenue for website owners.

2017 Resurrection

During the years of the first browser-mining scripts, the number of coins to choose from and the possibility of turning them into fiat currencies was so low that those scripts were not expected to last long.

But by 2017, we saw a lot more diversity in coins and the mechanisms used to mine them. We witnessed the revolutionary development of ASIC miners and the growing number of currencies that could be mined with CPU and GPU.

In a time when everyone uses ad-blockers, different ways of gaining revenue are of great interest to website owners.

The expansion and popularity of web cryptomining have grown with Coinhive, an alternative to standard ad revenue which allows website owners to use scripts on their websites that make visitors pay for content. It was created as a replacement for the traditional ads that are found in all areas of a website and that aren’t a favorite of visitors who wish to enjoy content without distractions.

In contrast to its predecessor BitcoinPlus.com, Coinhive mines Monero instead of Bitcoin. Even though Monero is a currency designed to be mined with GPU and CPU, Coinhive and other browser-based mining services work only with CPU mining.

By their very definition, Coinhive and web cryptomining are best used on high-traffic websites, and on websites where users stay for longer periods of time, such as torrent and streaming websites.

One of the first high-traffic websites to use Coinhive was PirateBay, a torrent website. And as with all browser mining attempts, it caused a backlash from users.

Cryptojacking Malware

An important thing to know about web cryptomining is that it can be done with or without website visitors’ approval. An ethical debate was sparked after the PirateBay incident; while many users were outraged, there were also many who were supportive of their favorite torrent website using their CPU to gain revenue. They found this approach better than having to endure the numerous ads they would normally find on a website.

After the PirateBay incident, websites were slowly tracked down for using web mining scripts. Many of them were established websites that had already generated large revenue on their own — meaning hackers were embedding the scripts to gain money for themselves, since it would be strange for those websites to make their visitors pay twice for content.

News of many plug-ins and browser extensions being hijacked and infecting computers with scripts that mine cryptocurrencies began rolling in. Web cryptomining was even attempted on parked domains found and hijacked by hackers.
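A site owner can audit their own pages for the kind of injected mining script described above. This is an added example, not code from the original article: the marker strings are assumptions based on Coinhive's public embed pattern, and the hosts, site key placeholder and function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
# Assumed indicators, based on Coinhive's public embed pattern (a script
# include plus a CoinHive.* constructor call); they are not from the article.
MINER_MARKERS = ("coinhive.min.js", "coinhive.anonymous", "coinhive.user")

class ScriptCollector(HTMLParser):
    """Collect [src, inline_body] for every <script> element on a page."""
    def __init__(self):
        super().__init__()
        self.scripts = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts.append([dict(attrs).get("src"), ""])
            self._in_script = True

    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1][1] += data

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

def audit_page(html, own_host, allowed_hosts):
    """Return (kind, detail) findings; relative script URLs count as first-party."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for src, body in collector.scripts:
        text = f"{src or ''} {body}".lower()
        hits = [m for m in MINER_MARKERS if m in text]
        if hits:
            findings.append(("miner-marker", ",".join(hits)))
        host = urlparse(src).hostname if src else None
        if host and host != own_host and host not in allowed_hosts:
            findings.append(("unlisted-script-host", host))
    return findings

# Constructed sample: one allowlisted CDN script and one injected miner embed.
SAMPLE = """<html><head>
<script src="https://cdn.example.net/jquery.js"></script>
<script src="https://miner.example.org/lib/coinhive.min.js"></script>
<script>var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');</script></head></html>"""

if __name__ == "__main__":
    print(audit_page(SAMPLE, "www.example.com", {"cdn.example.net"}))
```

The host allowlist catches script includes the owner never approved even when the miner has been renamed, which string markers alone would miss.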

Reasons for browser mining

Browser mining has been re-introduced to the public for several reasons:

  • Privacy. There are many privacy-oriented cryptocurrencies designed to secure transactions. Monero, for example, keeps the transaction amount and addresses of sender and receiver completely private, protecting those with malicious intentions.
  • Prices. In the past few years, cryptocurrency prices and popularity have been on the rise.
  • Easy to use. By merely adding two lines of script to your website code, you’re ready to start mining.
  • Capability. Without the need for special machines designed for mining, web cryptomining is easy to get into and an easy way to make money.
  • Revenue. As we mentioned, putting cryptomining scripts on websites is a way for website operators to make money, in contrast to ads that are traditionally used and not so favoured by the audience.

Advantages of web cryptomining

The advantages of browser-based cryptomining come from the fact that anyone can do it: you don’t need any special equipment or education. All it takes is inserting two lines of script in your code, and you’re good to go.

Besides not needing machines or knowledge, beginners can start mining coins just by using the Internet, with no investments needed.

Coin extraction is done through software located on the site’s server, and the resource you tap is the CPU power of a website visitor’s machine.

And while having no call for investing sounds appealing, there’s always a catch to things that sound too good to be true.

Web cryptomining isn’t profitable

The profit made with this type of cryptomining is next to nothing in most cases. Because it’s done with CPU, and keeping in mind that even regular coin mining with CPU generates low profit, browser-based CPU mining can sometimes get you in a situation where it won’t even cover the electricity bills.

Profit made with web cryptomining depends on several things. Notably, it can depend on the particular coin being mined and its rate; for example, web mining Monero is more profitable than Bitcoin mining.

That being said, one thing is clear: earning any significant amount of money with web cryptomining is almost impossible. To put things into better perspective, let’s look at a real-world example.

As reported by Bitcoin.com, the Browse Aloud browser plug-in was hijacked and around 5,000 computers were stricken with embedded cryptocurrency mining scripts — among them British government computer systems. Even with 5,000 government computers, running these kinds of scripts led to only $24 of Monero being mined.

In most cases we would say that web cryptomining is just not profitable. But when looking from a different perspective, as in the case of the cryptojacking attacks on Drupal websites, or the 50,000 WordPress sites that have been found to have cryptomining scripts, we can see that if someone manages to hijack hundreds and thousands of machines, it is possible to gain profit from web cryptomining.

