Coinhive in-browser software ‘mines $250,000 per month’
Academic research issued by RWTH Aachen University in Germany claims that browser-based cryptocurrency miner Coinhive is generating more than $250,000 in Monero (XMR) profit for attackers each month by hi-jacking the central processing units (CPUs) of internet users.
The university reports that a rise in revenue generated by illegal mining software is offsetting a fall in “cryptojacking” and provides a detailed account of how Coinhive is being used to produce over $250,000 worth of XMR monthly.
Developed to be a social good, the Coinhive miner was initially introduced to crypto-enthusiasts to allow them to exchange their extra computing power for access to mine the Monero network. However, the code targets websites seeking to make money without advertisements, meaning a user’s computer will slow down while it generates coins in exchange for ad-free viewing.
Hackers, meanwhile, have configured Coinhive to send a user’s mined XMR to their own digital wallets by hacking websites and secretly installing the code. They are also plugging Coinhive into legitimate-appearing browser extensions.
The research reveals that XMR accounts for 75% of all browser-based cryptocurrency mining and that Coinhive is behind most of it.
Only 10 share the spoils
The Coinhive miner accounts for 1.8 % of Monero’s hashing power, with a majority of mining incentives realised for nefarious purposes. The report notes: “If we sum up the block rewards of the actually mined blocks over the observation period of four weeks, we find that Coinhive earned 1,271 XMR.”
Based on a trading price for XMR of $89.28, it signifies a $113,474 profit for hackers in a month of fraudulent mining. Meanwhile, Coinhive developers receive over 30% of this amount for providing their tools.
The research also claims that only 10 wallet addresses received a chunk of the fraudulently mined XMR. In this regard, attackers are using a “short link” service to redirect advertisements to their servers and paying a commission to website administrators.