Streaming site found to be mining visitors’ power for cryptocurrency
Image credit: Dreamstime
A script which allows websites to mine the extra CPU of its users for cryptocurrency has been discovered on Showtime and other websites. The script has since been removed from Showtime.
The appearance of the mining script, Coinhive, was first described in detail by Bleeping Computer, which reported that showtime.com and showtimeanytime.com were running the script, and suggested that this could be an experiment, due to the script being set to remain dormant 97 per cent of the time.
According to its website, Coinhive is ‘An Alternative to Ads, blocked by AdBlock’. Websites are struggling with falling online advertising as more and more users install ad-blocking browser extensions to avoid intrusive adverts. Google will filter “low-quality” adverts in its upcoming version of Chrome, and has warned websites to rein in aggressive advertising.
Faced by this resistance to advertising, websites are looking to alternatives to hosting adverts, such as subscription-based models.
“Our goal was to offer a viable alternative to intrusive and annoying ads that litter so many websites today,” Coinhive’s website explained. “These ads are not only a distraction to end users, but also provide notoriously unpredictable and non-transparent revenue numbers. We set out to change that.”
The script, which was hidden on Showtime and other websites, mines Monero, an open-source cryptocurrency focused on privacy and anonymity. Unusually for a cryptocurrency, it can be purchased with cash offline.
Cryptocurrencies are supported by miners: these are often hobbyists, although successful mining companies also exist. Miners dedicate computing power to verifying cryptocurrency transactions and adding them to their public ledgers by crunching through computationally expensive problems. Solving these problems reaps financial rewards, although a colossal amount of computing power must be dedicated to these problems in order to make significant profits.
According to Digiconomist, mining for Bitcoin alone accounts for 0.09 per cent of the world’s electricity consumption (a total of 18.38TWh annually, similar to Syria’s annual electricity consumption).
Running a mining script like Coinhive allows the website to collect this money, while using the CPU (and therefore electricity) of its visitors. Consequently, the script slows down visitors’ computers and other devices, and increases electricity consumption.
Coinhive was launched on September 14, and quickly adopted by malware operations. This has resulted in the script being swiftly blocked by many of the most popular ad blockers, a move that Coinhive describe as “reasonable”.
“We’re a bit saddened to see that some of our customers integrate Coinhive into their pages without disclosing to their users what’s going on, let alone asking for their permission. We believe there’s so much more potential for our solution, but we have to be respectful to our end users,” they wrote on their website.
Since reports have surfaced, the mining script has vanished from Showtime’s websites.
Previously, the same script was run secretly on The Pirate Bay, apparently as an experiment. The Pirate Bay later apologised, stating it was a trial and asking its users if they would prefer advertising or cryptocurrency mining: this attracted mixed responses.