Malwarebytes, the leading advanced malware prevention and remediation solution, release a new research outlining the evolution of crypto-mining and the rise of browser based drive-by mining via Coinhive.
Coinhive.com has been the second most frequently blocked domain for Malwarebytes’ customers as Coinhive offers API access for website owners to deploy a miner on their site, have it communicate with the Coinhive remote server and unfortunately, allow the miners to run on user systems without user permission. With this new technology, browser-based drive-by mining has flourished almost overnight and was rolled out in such a way that users had no idea what was happening to them or why their PC was suddenly sluggish with maxed CPU’s.
Key report findings reveal:
- The profit of drive-by Crypto-mining – To be profitable, the mining activity must cost less than the power consumption it generates. Drive-by mining makes use of other people’s machines and the more web traffic you generate, the more chances you have to solve crypto challenges and get a payout.
- A month worth of block’s for Coinhive’s domain’s and proxies – For October alone, Malwarebytes had an average of 8 million blocks per day, and approximately 248 million for the entire month – preventing unauthorized drive-by mining onto their users.
- World view of blocked drive-by mining activity based on user geolocation – The highest drive-by mining activity was found in the US, France, Germany and Italy.
- Top 10 countries exposed to drive-by mining – US and Spain topped the list of countries most impacted by drive by mining.
For the report, please view https://go.malwarebytes.com/rs/805-USG-300/images/Drive-by_Mining_FINAL.pdf