Web-based Cryptojacking in the Wild

08/28/2018
by   Marius Musch, et al.
0

With the introduction of memory-bound cryptocurrencies, such as Monero, the implementation of mining code in browser-based JavaScript has become a worthwhile alternative to dedicated mining rigs. Based on this technology, a new form of parasitic computing, widely called cryptojacking or drive-by mining, has gained momentum in the web. A cryptojacking site abuses the computing resources of its visitors to covertly mine for cryptocurrencies. In this paper, we systematically explore this phenomenon. For this, we propose a 3-phase analysis approach, which enables us to identify mining scripts and conduct a large-scale study on the prevalence of cryptojacking in the Alexa 1 million websites. We find that cryptojacking is common, with currently 1 out of 500 sites hosting a mining script. Moreover, we perform several secondary analyses to gain insight into the cryptojacking landscape, including a measurement of code characteristics, an estimate of expected mining revenue, and an evaluation of current blacklist-based countermeasures.

READ FULL TEXT

page 1

page 24

page 34

research
03/07/2018

A first look at browser-based Cryptojacking

In this paper, we examine the recent trend towards in-browser mining of ...
research
08/02/2018

Digging into Browser-based Crypto Mining

Mining is the foundation of blockchain-based cryptocurrencies such as Bi...
research
12/10/2018

On legitimate mining of cryptocurrency in the browser - a feasibility study

Cryptocurrency mining in the browser has the potential to provide a new ...
research
04/28/2020

A Retrospective Analysis of User Exposure to (Illicit) Cryptocurrency Mining on the Web

In late 2017, a sudden proliferation of malicious JavaScript was reporte...
research
09/06/2018

End-to-End Analysis of In-Browser Cryptojacking

In-browser cryptojacking involves hijacking the CPU power of a website's...
research
01/07/2020

Is Cryptojacking Dead after Coinhive Shutdown?

Cryptojacking is the exploitation of victims' computer resources to mine...
research
11/22/2021

The EOSC-Synergy cloud services implementation for the Latin American Giant Observatory (LAGO)

The Latin American Giant Observatory (LAGO) is a distributed cosmic ray ...

Please sign up or login with your details

Forgot password? Click here to reset