The new academic research conducted by the RWTH Aachen Industry showed just how much profit CoinHive crypto miner can generate. The miner generates about $250,000 worth of Monero profit every month by utilizing the computational power of unaware internet users. One of the users could also be you.
The research unveiled that Monero is the coin mined in 75% of all browser-based crypto mining cases. The CoinHive Organization is mainly responsible for it. Also, the security and investigation reporter, Brain Kerbs stated, “Multiple security firms recently identified cryptocurrency mining service CoinHive as the top malicious threat to Web users.”
What mainly is CoinHive?
CoinHive provides an in-browser, JavaScript-based miner for the Monero coins. People can insert the script into any website. Later, whenever a user visits the specific website, the script will run miner from the user's browser. Then it will mine XMR by utilizing the resources of the website's visitors and the person who inserts the code receives the profit.
CoinHive also provides a ‘shortlink version'. It works similarly like a regular link, aside from to reach the destination the user's system has to perform some hashes.
CoinHive opposes that these services form the possibility for “ad-free experience”. In reality, it has generated a new cyber-threat. Users are paying other people via their CPU power and also they are fully unaware.
How much profit does CoinHive make?
The researchers found that CoinHive is highly profitable. Its ad-hoc browser mining botnet is mainly accountable for 1.18% of the entire Monero network. Also, the research indicates that it is making over 300 XMR (approximately $24,000) per week.
The researchers stated,
“If we sum up the block rewards of the actually mined blocks over the observation period of [four] weeks, we find that Coinhive [sic] earned 1,271 XMR. Similar to other cryptocurrencies, Monero’s exchange-rate fluctuates heavily, at time of writing one XMR is worth 200 USD, having peaked at 400 USD at the beginning of the year. Thus, given the current exchange-rate, Coinhive [sic] mines Moneros worth around $250,000 per month […]”
CoinHive holds 30% of all miner XMR by itself from all mining activities, which is about $75,000 per month or million dollars a year.
By analyzing CoinHive link database, researchers found that there are over 2 million active short links. Almost all the links lead the users to either video streaming or file sharing sites forcing them to mine Monero in redirecting process. However, the most surprising part here is, most profit goes to only 10 users:
“Coinhive’s [sic] link forwarding service is dominated by links from only 10 users. They mostly redirect to streaming videos and file sharing sites. We find that most short links can be resolved within minutes, however, some links require millions of hashes to be computed which is infeasible.”
How to prevent ourselves from Browser Hijacking?
Browser hijacking for crypto mining is the latest thread observed in the crypto industry. This began just after the market price of cryptocurrencies gone up in 2017. Currently, users need to be extremely aware of what sites they are checking, what links they are clicking and what extensions they are installing. Otherwise, they might become a victim of crypto mining script.
In order to prevent from this, security researcher Troy Mursche suggests one the browser extension minerBlock. It utilizes a JavaScript detection and a blacklist to prevent users mining crypto abruptly.