Coinhive, the Java-based web script that uses the hardware of website visitors to mine cryptocurrencies, contributes 1,271 or 1.18% of Monero (XMR) coins mined in a month, according to a study by German RWTH Aachen University.
The study, carried out by a team of specialists in communication and distributed systems, found that Coinhive mined Monero coins worth $250,000 over four weeks this spring. In order to conduct their research, the authors developed a new fingerprinting method to identify mining code and checked a set of .com/.net/.org domains and the Alexa Top 1M list.
The fingerprinting method discovered that the popular tools for detecting sites running the Coinhive code, such as the NoCoin block lists, are not effective in 82% of the cases.
Coinhive was created last year with the purpose of providing some income for websites offering free content or services. It runs as a script on the website and uses the visitors’ hardware to mine cryptocurrencies, mainly Monero, while the users are browsing the site. One-third of the proceeds from the mining go to the developers of the script and the rest is kept by the website.
However, Coinhive slows down the computer’s performance and hikes the electricity bills of the visitors. The bigger problem is that Coinhive is used by hackers to mine Monero for themselves. Cryptojackers hack websites to install Coinhive on them, thus taking the profits from the mining. A study from earlier this year revealed that Coinhive’s opt-in service is barely used.
Various reports have found that cryptojacking has reached the computers of state organizations in Russia, while 30% of the companies in the UK have been affected by such incidents. Meanwhile, another study found that hackers in the Netherlands are increasingly using cryptojacking to make money.