A growing trend on the web is using Monero mining to monetize websites. What started with fringe sites like Pirate Bay is now going mainstream. This has raised alarm in some circles, but I think it’s a positive development.
According to AdGuard, as many as 500 million users have thus far been targeted with the surreptitious mining of Monero. The Smominru botnet has been in operation since last May, and has allegedly infected more than half a million Windows machines, earning millions in profit. Most of the compromised machines have been identified to be in Russia, Taiwan, and India. This is an example of software that is installed on a machine without permission, persists there, and uses resources without the users’ permission or knowledge. I’m not advocating this, of course!
Researchers from Proofpoint say Smominru uses the CVE-2017-0144 “EternalBlue” exploit and earns about $8500 per day. The WannaMine crypto-miner uses the same exploit, but appears to be run by different actors.
Online advertising aggregation services let website owners take specific areas of the web page and allow a third party to auction them off in real time. This is effective for advertisers, but it leaves website owners with no control over the code on their page. Malware has been infecting these ad networks, resulting in site owners unwittingly serving up malware in an effort to make a few pennies.
So is it any surprise that content publishers find solutions like Coinhive.js more appealing? If it becomes socially accepted, instead of the current knee-jerk reaction against it, this will be a more robust and safer way to go. Logged-in users can be rewarded with a portion of the proceeds too.
For those who do not want to have mining software running in the background and without their knowledge, several anti-mining plugins have been developed that can be used today. Some examples include AntiMiner, NoCoin, and MinerBlock.
Is this the best way forward, and possibly the death of the deeply problematic online advertising industry? The current model supports a huge network of players, including some of the shadiest malware vendors and botnet operators, and often results in malware infestation of the site viewers. What do you think?