CoinHive Trojan refers to a JavaScript miner which is designed to mine Monero cryptocurrency. Mining is not considered illegal when it is done with authorization, but cyber criminals have decided to exploit this method of monetization in illegal ways. By secretively injecting codes into websites and distributing miners to users that have not agreed to participate in mining, activity of CoinHive becomes unjust. Just on 26th of September, two websites of Showtime have been noticed to include embedded JavaScript codes, turning their clients’ computers into miners of Monero. Vatico miner is also designed to increase profits in Monero currecy.
Monero is a relatively new cryptocurrency compared to Bitcoins (the first one) and Etherium. It tries to solve payment and Wallet anonymity problem. While there are no ways to trace owner of Bitcoin wallet till he or she tries to exchange the money or performs operations from non-safe network, the size of wallets and transactions can be traced. Monero tries to be fully anonymous and it is much harder to judge the size of the virtual wallet. More info about Monero is available on Monero website.
Like all crypto-currencies, Monero relies on computers performing special computations to make network secure. These computations are called “mining” for short. What is special for Monero, the computations does not require special hardware to be efficient like Bitcoins do. Thus Monero mining can be done on regular PCs effectively and can be implemented in browsers as well.
CoinHive Trojan mines Monero without PC owner permissions
It is no news that cryptocurrencies are being mined: this venture is able to generate incomes (A beginners guide to mining). Many users, especially hackers, feel a gold rush. We have already investigated such Trojans like BitCoinMiner that were aiming to mine bitcoin cryptocurrency. While the latter coin-system continues to be widely exploited, new payment systems are being introduced. For instance, Monero is indicated as a more anonymous service.
CoinHive Trojan mining tool is definitely one of the innovative technologies (CoinHive features). It started as a replacement for advertising system on websites. Instead of having to sit through annoying ads, visitors of certain domains are invited to borrow some of their CPU resources. While the concept is relatively clever, creators of CoinHive miner did not anticipate that hackers would rush to take advantage of this JavaScrip library.
Recently, SafeBrowse Chrome extension had been noticed to transmit CoinHive to unsuspecting users. Fortunately, users noticed that the percentages of exploited CPU resources have suspiciously boosted. It was the first browser extension to initiate mining, but we predict that it won’t be the last. Therefore, it is disturbing that hackers could generate profit from users’ CPU resources. This could lead to more sluggish operating systems since some background activities will constantly take a very high amounts of CPU resources.
While some users might be only now hearing of CoinHive Trojan or other rogue crypto miners, but they have actually been very active in 2017. Users should be educated about techniques of “cryptojacking” which were applied to the the websites of Showtime (Showtime mined Monero). You would certainly would not be interested in generating Monero for hackers that definitely do not deserver to receive any profits. Some AdBlockers have even blocked libraries of CoinHive miner to prevent its activity. In addition to this, you should regularly check CPU resources. This can be done by opening Task Manager. Also, there are more recommendations that will help you determine whether you have become a part of secret crypto-mining operation (How can you tell if your computer is secretly mining?).
How to avoid unwanted miners of cryptocurrencies?
We have noticed that some of them can come with packaged freeware. During installation processes, make sure that you are not suggested to mine Bitcoins, Monero or other digital money. In addition, try to visit only legitimate websites so your operating system would not begin to suffer setbacks from overly-utilized CPU resources. However, as even respectable domains can be incorporating suspicious JavaScripts, averting miners becomes more difficult. The only way to know for sure is to check your CPU resources or look through logs of AdBlockers. Maybe CoinHive libraries will be blocked.
To keep operating system malware-free, we recommend running a scan with Spyhunter. It will help you remove all malicious threats. CoinHive Trojan can also have a several other symptoms, like you will notice that your computer is constantly connecting to coin-hive.com/lib/coinhive.min.js. If you notice this activity too, please check “Roaming” folder which can contain the miner. After that, run a scan with an anti-malware tool to make sure that mining stops.
Double-check extensions in browser extension stores as well
During early 2018, Google Chrome extension store was infected with malicious applications that used CoinHive and similar mining code to mine for monero and other crypto currencies. These extensions got stopped on 2018.02.02, however this shows a scary new infection way for trojans.
Automatic Malware removal tools
(Win)
Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,
(Mac)
Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,