Video stream users may be exposed to hidden cryptocurrency mining
Popular video streaming sites have a secret embedded code that mines cryptocurrencies through visitors' computers.
Four popular video streaming sites have forced almost 1bn visitors to mine cryptocurrency in secret.
Openload, Streamango, Rapidvideo and OnlineVideoConverter are the four sites allegedly loading the mining software onto the computers of their visitors. After the cryptojacking has begun, the computers will start to generate tokens for the cryptocurrency monero.
According to Andrey Meskov, the founder of security firm Adguard, they came across these popular websites that use the visitors resources for cryptocurrency mining.
"According to SimilarWeb, these four sites register 992m visits a month," Meshkov said.
"The total monthly earnings from [this] cryptojacking, taking into account the current Monero rate, can reach $326,000. These are simply outrageous figures," Meshkov added.
In recent weeks, digital currencies had risen dramatically in value, with monero specifically rising from $90 dollars to $300 apiece in just a month.
Once loaded into users’ browser, when the victims clicked play they would unwittingly be triggering the start of the cryptojacking. The tell-tale clue to know if that was happening was if the computer began to run very slowly on the site.
For cryptocurrencies that depend on specialised, integrated circuits to work (ASICs) like bitcoin, such a mining method was impossible. But other cryptocurrencies like monero could work with any CPU or GPU.
"The popularity of cryptojacking has grown with alarming speed," said Meshkov. "At the moment, the only real solution is to use an ad blocker, an antivirus or one of the specialised extensions to combat cryptojacking."
However, cryptojacking was not a new phenomenon. Earlier in the same week, researchers found that a Wi-Fi operator in a Starbucks in Argentina was using customers' devices when connected to the public network.
And back in October, The Pirate Bay was hasrhly criticised harshly for carrying out cryptocurrency mining schemes without user content. The site defended itself by saying it was an experiment in trying to replace online advertising.