Coinhive Cryptojacking

The Coinhive Cryptojacking is a malware that generates crypto-currency for a third-party after your browser loads a website that injects its script. Although Coinhive has legitimate and legal uses, some sites will run it automatically and may cause associated performance issues, as a result. Most anti-malware programs can detect and delete the Coinhive Cryptojacking automatically along with other browser-based threats.

The Hive Explodes into Action

Coinhive is maintaining a stranglehold on the gray market of browser script-loaded miners, which offer website admins a discreet way of creating crypto-currency. Unlike Trojans installing themselves onto their victims' computers, such as the XMRig-based RubyMiner, Coinhive (and other types of crypto-jacking that use JavaScript miners, including Minr Cryptojacking and the the deepMiner Cryptojacking), Coinhive runs through Web-browsing scripts related to its host websites. The escalating popularity of this method of mining is, mostly, thanks to Coinhive, which is running on tens of thousands of domains and holding over eighty percent of the market.

Like any other Web-browsing script, the Coinhive Cryptojacking loads when an unprotected browser visits the associated Web page with JavaScript and related content enabled. Some website owners request this script's use by visitors on an opt-in basis, typically, as an alternative to viewing advertisements. However, Coinhive also may run invisibly and automatically. In these cases, malware experts classify the Coinhive Cryptojacking as being a threat to your PC and recommend treating it as such.

The standard symptoms of cryptocurrency-mining infections include significant loss of system resources and accompanying instability or poor performance. In Coinhive Cryptojacking's case, these issues limit themselves to the computer's CPU, and, as of this article's date of writing, only should occur while the Web browser is viewing the associated website. However, the Coinhive Cryptojacking may run every time that your browser visits that site. Additional threats beyond this article's scope also may load hidden Web-browsing processes for maintaining the Coinhive Cryptojacking regardless of your Web-surfing behavior.

Keeping Busy Bees from Turning Your CPU into Their Honey

Arguably, Coinhive is as legitimate as the website owners choosing to run it. If a trustworthy website requests your permission to use Coinhive and you have no reason for believing that it may cause any performance issues, you may choose to whitelist the site and its associated scripts. However, significant network traffic problems, excessive use of your CPU, or the absence of a consent request are some signs of the Coinhive Cryptojacking's being a possible danger to your computer. Like any cryptocurrency-mining program, Coinhive also may cause your PC to overheat and suffer associated damages if it runs with irresponsible configuration settings.

Some website owners may be unaware of running the Coinhive script. Threat actors can compromise websites and insert the code for delivering threats like Coinhive Cryptojacking, drive-by-download attacks (such as via the Nebula Exploit Kit) to any visitors without the admin being aware. Website administrators should monitor their web pages regularly for any tampering, particularly the index and landing pages, and use passwords that are unlikely of breaking after a brute-force attack. Any anti-malware products that include protection from malicious browser scripts also should block or delete Coinhive Cryptojacking as their default behavior.

Coinhive shows why the computer industry can't always have potentially useful things: although its business motives are benevolent, its potential for abuse is proving itself extreme. When websites ranging from WordPress blogs to government domains all are running similar scripts, it's up to each web surfer to determine how safe their browsing is.