Coinhive, the in-browser cryptomining service beloved by hackers, is dead

Image

If you think back to last year, Coinhive was everywhere. The service offered any website an arguably legitimate way of generating income that didn't rely upon online adverts.

And plenty of well-known sites, such as Showtime, Salon.com and The Pirate Bay, were happy to give it a go.

Rather than making money through ads that might irritate you or track your online activity, a small piece of Javascript embedded on a webpage would gobble up the resources of visiting computers to mine some Monero cryptocurrency. Coinhive, as providers of the service, took a percentage of the earnings, while the website operators could keep the rest.

Predictably, criminals saw an obvious opportunity to make money. They took advantage of sloppy security, hacking websites to earn an easy crust.

In one infamous case, thousands of government websites in the UK and United States -- including the Information Commissioner's Office (ICO) and USCourts.gov -- were simultaneously hijacked to run Coinhive cryptomining code by hackers who had managed to poison a popular accessibility plugin called "BrowseAloud."

Image

Malicious hackers also used Coinhive's code to cryptojack hundreds of thousands of unpatched IoT devices.

Although traditional ads were unpopular with web surfers, few consumers felt okay about a browser cryptominer running in the background. After all, it was their computer's CPU power and resources that were being used to line the pockets of others, and if the website or cryptojacker was greedy, it would be all too obvious that something odd was afoot through the rising fan noise.

It didn't take long for security products and browser plugins to begin to warn users of the existence of cryptomining code on a webpage. Some even blocked it the same way one might block an unwanted banner ad.

One of the reasons why Coinhive proved popular -- both for criminal hackers and impoverished website owners - -was that it mined the Monero digital cryptocurrency. Unlike Bitcoin, Monero can be comparatively mined with greater efficiency on consumer computers.

But now it's 2019. And anyone who keeps a close eye on such things knows that since December 2017, virtual currencies have turned from being bullish into a prolonged bearish slump.

Image

The truth is that a lot less people are jumping on the cryptocurrency bandwagon today than they were 18 months ago, because of the crash in prices.

So I wasn't particularly surprised to hear Coinhive announce that it was going to As a result, shutting down on March 8.

In a blog post, the service explained that "to be completely honest, it isn’t economically viable anymore."

The drop in hash rate (over 50%) after the last Monero hard fork hit us hard. So did the “crash“ of the crypto currency market with the value of XMR depreciating over 85% within a year. This and the announced hard fork and algorithm update of the Monero network on March 9 has lead us to the conclusion that we need to discontinue Coinhive.

If you want to extract any payments, you have until April 30, 2019 (provided, of course, you earned enough to reach Coinhive's minimum threshold.)

Will I miss Coinhive? Not on your nelly. And as ZDNet reports, some security researchers believe that the trend for cryptojacking is way past its peak and dying off fast.

"There are still a lot of hacked sites with Coinhive code, but I have a feeling these are mostly remnants from past hacks," said Jérôme Segura of Malwarebytes. "Most of what I see these days is CoinIMP [a Coinhive competitor] and it's been active again with Drupal hacks recently. But overall, I think the trend is nearing out."

Although I do welcome the end of websites cryptomining in the background - whether with the knowledge of the website owner or not - I do worry that those keen to fill their pockets may only divert their attention towards other, possibly more malicious, pursuits.

Stay on your guard, folks.