What you need to know about Crypojacking

Is it me, or are the names for bad things getting weirder? After I had been into computers for a few years we started having to deal with viruses, now we have spyware, malware, ransomware and cryptojacking. I have visions of a Count Dracula sneaking out of his crypt and carjacking me.

Crypojacking simply is someone using your computer to crunch numbers which earns them money. This is often done without your permission on websites you visit.

The How

When you visit a website it runs the code that makes the site appear on your screen. This code can consist of HTML, CSS, Java, PHP, JavaScript and many other languages. The same code that presents the web page you asked to see can do other things as well, like math. This math is used to “mine” a form of money called cryptocurrency.

Cryptocurrency is a new math based currency that is not backed by much of anything (like gold, silver, whatever) just like the currency of the United States, except for the math. That math makes it virtually impossible for anything to happen to your money unless you release a key (no one can seize it). Currency is gained of course using the normal method of working for it, selling stuff to get it, etc. It can also be mined.

Mining a cryptocurrency is much like mining for gold except instead of grabbing your pick and pan, you use a computer. It takes a LOT of computing power to generate cryptocurrency and the more of the money that is made, the harder it becomes to make it, thereby limiting the amount in circulation.

It seems like someone with a lot of computers could get rich but the problem is that it generally costs more to mine it that you get in the end. Once you buy computers, set them up to mine, pay the electrical bill and all that jazz, you spend more than you make.

This is why they want to use your computer and electricity to mine the money. You could not possibly mine enough to make it pay for the itself but if a website owner can get thousands of visitors all mining at once, he can make a few dollars.

The Good

Yes, there is a potential good side to this and that is this provides an alternative to advertising and the odds are, you will never know it happened. Would you like to see ad free content? Keep dreaming! But this does have the potential to reduce advertising substantially.

People who put ads on their website know you hate them. They also know you will put up with a certain amount before you give up and go away. The problem these days is that they need to generate $xxx number of dollars to stay in business and since people are continuing to do things like run ad blockers, they need to run more and more ads. They also have to run more and more intrusive ads (motion, pop-ups, etc) to try and get around the blocks. This in turn makes the blockers more aggressive and then in turn the advertisers try harder to get around the blockers, and so on.

Websites using crypto mining can throttle back on the intrusive advertising and use the mining to make up for it. In the majority of cases, you lose nothing except annoying ads.

The Bad

There are good and bad people everywhere, including on the web. While many of the advertisers out there will try to use cryptojacking to try and get enough money to reduce other forms of advertising knowing that  reduced visual ads will ultimately increase their visitors count and how long the visitors stay, others will not.

Some people will simply use it as an additional source of income. In addition, those same type of people will adjust the parameters of the scripts doing the mining so that it really puts a strain on your computer thereby making them the most amount of money in the least amount of time.

These are the same people who force a lot of people to run ad blockers which hurt everyone trying to provide content online and make a living without directly charging the visitors.

The Fix

Fortunately, since this is the wild west for cryptojacking we need someone to step up and help us, and they have. The overwhelming majority of crypotjacking is blocked by using a modern browser (Edge, Chrome, FireFox, Opera, Safari, etc) and by using a modern antivirus.

If you want to be sure, head on over to https://cryptojackingtest.com/ and test your current setup. If you need or want more protection, head on over to NoCoin at GitHub and download NoCoin for Chrome, FireFox or Opera.

Keep in mind that the idea behind this can be good or bad. If the website specifically asks your permission I would highly suggest you allow them to use your spare CPU cycles in the hope we can see fewer and less obtrusive ads.