Hacking That Targets Websites to Mint Crypto-Cash

Here’s another piece of startling news from the world of hacking and hackers. Hackers are now installing malicious codes on websites of schools and charities, plus file-sharing websites to generate crypto cash. The focus now is on using such websites which use visitors’ computers and “mine” cyber currencies.

Cybersecurity experts recently scanned many popular websites and the result was surprising, or to be a bit more precise, startling. Hundreds of these websites harbored malicious codes that were used to mint crypto cash.

Mark Ward, Technology Correspondent at BBC News has written a piece discussing this kind of hacking in detail. Mark Ward quotes Rik Ferguson, Vice President, Security Research at Trend Micro, as saying- “This is absolutely a numbers game.” He also adds, “Mr Ferguson said crypto-currencies operated by getting lots of computers to work together to solve the tricky mathematical problems that establish who spent what. This establishes a digital ledger, or blockchain, of spending activity with a particular coin…The number crunching is called mining and new crypto-coins are handed out to miners who are the first to solve the complex sums…The more computer power that someone can amass, said Mr Ferguson, the more coins they can generate.”

Hackers using such mining malware, targeting the minting of crypto-currency, is not a new thing. But today, with cyber currencies getting more and more popular and with new crypto-currencies evolving, the kind of hacking in which cybercriminals use malicious codes to mint cyber currencies, is on the rise.

Mark Ward writes that when a security researcher scanned the million most popular websites to check for the Coin Hive mining script, he found many sites using Coin Hive as well as other such mining scripts legitimately in order to generate income from the stream of visitors coming to their site. One million visitors a month would bring a website about $116 (£88) in the Monero crypto-currency. A notable thing was that the script was uploaded surreptitiously on many of the websites that were included in the scan; this was evident from the way the script was concealed.

The BBC post authored by Ward says, “The BBC contacted several of the sites in the UK running the Coin Hive script and those that responded said they did not know who added it to their site. Some have now deleted the mining code, updated their security policies and are investigating how the code was implanted. Coin Hive’s developers said it had also taken action against malicious use.
“We had a few early users that implemented the script on sites they previously hacked, without the site owner’s knowledge,” they said in a message to the BBC. “We have banned several of these accounts and will continue to do so when we learn about such cases.” It encouraged people to report malicious use of Coin Hive and said any site using it should inform users that their computer could be enrolled in a mining scheme. Some security programs and ad-blocking software now warn users when they encounter miners.”

Research and studies point out that surreptitious crypto coin mining is very rampant today and is not limited just to websites targeted by hackers. The BBC report discussing crypt currency mining speaks about security service Cloudfare suspending accounts of customers using mining scripts and of two senior Crimean government officials reportedly being fired for using official machines to mine bitcoin. There is also the reference to the creators of the FiveM addon for the video game GTA V releasing an update that would stop people from adding miners to codes. BBC also speaks about high-profile websites ( Pirate Bay, Showtime etc) being found to be harboring mining scripts. There is also a reference to Prof Matthew Caesar, computer scientist at the Illinois University, speaking about mining as a potential threat to companies offering cloud-based computing services.

The BBC post authored by Mark Ward says- “Prof Caesar said he and student Rashid Tahir started investigating the problem after conversations with several cloud firms revealed that all of them had experienced trouble with coin-mining…”If someone can hack into a cloud account they have access to a huge amount of computer power,” he said. “They can get huge value from those accounts because there’s not much limit on the number of machines they can use…”Often,” he said, “the billing systems the cloud services run do not reveal what’s going on. Someone can get in and cause a lot of damage before they are shut down.”…Victims can be left with huge bills for servers that attackers rented to do their coin-mining, he said.”