- Joined
- May 18, 1997
- Messages
- 55,601
Security researches at Securi have identified hundreds of websites that have been utilizing the Coinhive URL shortener to mine cryptocurrency on unsuspecting user devices. What is the Coinhive URL shortener? I'm glad you asked. Coinhive describes it as this: “If you have an URL you’d like to forward your users to, you can create a cnhv.co shortlink to it. The user has to solves[sic] a number of hashes (adjustable by you) and is automatically forwarded to the target URL afterwards.”
In the URL shortener's intended form, end users would then be presented with a progress bar showing that Coinhive is now solving hashes on their device.
The plot thickens. Some denizens of cyberspace with less than scrupulous intentions (certain website owners / cyber criminals) have found a way to load the progress bar in an IFrame that sports an area of 1 pixel by 1 pixel with zero interaction from the end user. Essentially, the IFrame loads as a 1x1 pixel, no one sees the notification, resource usage jumps to 100%, and BAM! Someone else is making money at your expense. A list of some of the websites identified can be found here. Thanks to SCHTASK for the link and the story.
In the URL shortener's intended form, end users would then be presented with a progress bar showing that Coinhive is now solving hashes on their device.
The plot thickens. Some denizens of cyberspace with less than scrupulous intentions (certain website owners / cyber criminals) have found a way to load the progress bar in an IFrame that sports an area of 1 pixel by 1 pixel with zero interaction from the end user. Essentially, the IFrame loads as a 1x1 pixel, no one sees the notification, resource usage jumps to 100%, and BAM! Someone else is making money at your expense. A list of some of the websites identified can be found here. Thanks to SCHTASK for the link and the story.