Before we get straight to the point, let's refresh your memory just a bit.
Bitcoin mining is an energy-consuming process of introducing new bitcoins. You know that, right?
Anyone with the appropriate hardware and an Internet connection can participate in mining, and, in many cases, bitcoin mining is legal.
For example, in most of Western Europe, in countries such as Germany and the UK, cryptocurrencies have the status of "private money," so they are legal, but local laws may provide specific protections.
Despite this, there are people who use illegal methods for crypto mining. They may use malicious viruses to hijack users’ computers and then make their processors mine bitcoins. This can slow down computers while running up energy bills.
In particular, intruders may “infect” a corporate website with malware, which its owners may not even be aware of. For instance, hackers often infect e-commerce websites, as they regularly receive a lot of traffic.
We asked the owners of several online businesses whether they took any measures to protect their sites from mining software. In this article, we will share their opinion.
We also conducted an investigation with the help of Webspotter to look at the situation with miners and corporative sites from the inside, checking which of them may be infected.
Then, we contacted the owners of these sites and informed them that their websites might have been hacked. We will tell you about what happened next.
One of the most popular mining programs is a tool called Coinhive.
According to statistics from Germany’s RWTH Aachen University, Coinhive generates approximately $24,000 a week.
Monero differs from Bitcoin in that its transactions leave no traces, and there is no way for a third party to track Monero transactions between two members. Thus, Monero is a very appealing choice for hackers.
Initially, Coinhive was meant to be an alternative payment method for website visitors: visitors get free content and in return they allow site owners to mine coins and earn some money.
But today, Coinhive is often being used by hackers as malware to hijack website visitors and illegally enrich themselves.
Actually, many business owners don’t take the dangers of mining programs seriously so they don’t check their sites for malware.
Since E-commerce sites are often attacked and their owners may be familiar with miners, we decided to post the following question in dozens of E-commerce-related Facebook communities:
“Do any E-commerce owners here check their websites against Bitcoin mining malware (ex. Coinhive)?”Here are some of the negative responses we received:
On the other hand, some website owners strive to secure their sites and spend time and resources to avoid mining software.Here are their opinions:
As we see from the survey results, about half of the community do not seem to care about the risks of miners.
But what if some of the site owners found out that their site was already infected?
We decided to find some existing infected sites and contact their owners.
To track Coinhive, we used Webspotter, a tool that permits the analysis of sites to learn about the technologies they use.
In addition to popular technologies such as Magento and WordPress, Webspotter allows users to track down malicious and mining software.
So, first, we found all the sites that use Coinhive.
Then we loaded a list of all the sites into Excel and analyzed them using the Ahrefs batch analysis feature. This step was necessary so that we could select reputable websites and rid our list of overly poor or malicious sites.
We uploaded data in packs, each of which consisted of 200 websites. We sorted them by Domain Rank and chose only those sites whose Domain Rank equaled at least 50.
After that, we collected several hundred sites that passed the test in the Excel file. Then we opened each site and looked to see if it was both a corporate site and active (many sites just didn’t open).
After that, we selected some working sites and sent emails accompanied with Linkedin and Facebook messages to their owners.
We contacted 20 business owners and informed them that their sites might have been hacked.
Then we duplicated our messages into Facebook corporate pages of those companies.
Also, we send messages to site owners personally via LinkedIn.
What were the results?
At the time of this writing, a week after messages have been sent, none of the recipients responded.
After a few days, we checked all these sites for malware again. We were surprised: half of the sites whose owners received our emails just got rid of Coinhive silently.
You can check your website using programs like uBlock, which may detect miners.
For example, using uBlock, you just need to open the network request log and look through it.
Of course, it's up to you to decide. But it won’t hurt to regularly monitor your site for miners since the safety of your business is at stake.