Sign up for our newsletter
Technology / Cybersecurity

Coinhive Shuts Down: Bad for UNICEF – and Cybercriminals?

Coinhive, a browser-based cryptocurrency mining website, shuts down today. The site’s API had been used by clients as eclectic as UNICEF and cybercriminals.

Coinhive’s service was a way to turn the processing power of visitors to a website into cryptocurrency.  Its service could be offered as a plug-in and was used by UNICEF to solicit donations. Other less scrupulous users would not notify visitors, who would find their CPUs were in use and their batteries being drained by the software..

The site’s closure is a loss for cryptocurrency miners and blockchain enthusiasts, but it may actually be a bigger blow to hackers.

Coinhive launched in 2017. It is essentially a JavaScript library that allows you to use a client computer to mine the cryptocurrency Monero.

White papers from our partners

It only mines Monero. Announcing the closure the site’s developers said this was not “economically viable anymore.”

In a short statement on its site Coinhive said “The drop in hash rate (over 50%) after the last Monero hard fork hit us hard. So did the “crash“ of the crypto currency market with the value of XMR depreciating over 85% within a year.”

“This and the announced hard fork and algorithm update of the Monero network on March 9 has lead us to the conclusion that we need to discontinue Coinhive.”

Chris Dawson, Threat Intelligence Lead at Proofpoint told Computer Business Review: “It isn’t so much that cryptocurrencies aren’t worth their while, but that dropping cryptocurrency prices, combined with higher mining costs, make mining less attractive.”

“Mining was always meant to be a self-limiting function – eventually it would become too hard to mine cryptocurrencies so the currency would stabilize, not be subject to inflation, and the focus would become transactional rather than on wealth creation.”

Coinhive Shuts Down, Cryptojackers Avast

As of today mining through Coinhive will no longer work.

However, this is not just the shutdown of any cryptomining website: Coinhive has gained a reputation within cyber security circles as a go-to-site for threat actors instigating cryptojacking attacks, which illegally commandeer the compute power of PCs and data centres to mine cryptocurrencies.

Coinhive Shuts Down

It is in no way true that Coinhive is responsible for cryptojacking attacks that mine Monero coin, but it did help to streamline the process for threat actors, making Monero one of the most popular coins to mine via someone else’s hardware.

Matt Hawkins, CEO of crypto mining firm Cudo Ventures told Computer Business Review: “Unfortunately, it was misused by unscrupulous websites and scammers, and only benefited the few, hence becoming synonymous with crypto jacking.”

“For this reason, Chrome has already blocked Coinhive and, in May, Firefox will block crypto mining, which is the nail in the coffin for Coinhive. This is a particular blow for crypto jacking platforms as many were coded to take advantage of Coinhive.”

UNICEF was among those that had taken advantage of the site, last year saying it was seeking to harness supporters’ computers to raise cryptocurrency donations. The browser miner UNICEF offered was powered by an opt-in version of the Coinhive API, AuthedMine, and mined Monero.

See Also: Ethereum Upgrade Creates a New Path for the Blockchain Platform

The loss of the Coinhive platform may result in a drop in mining activity, but it does not signal the cessation of mining endeavours by threat actors.

Research from cyber security firm Check Point notes that even though cryptocurrencies have dramatically dropped in value over the last year, 20 percent of companies across the globe are hit by cryptojacking attacks every week.

Sivan Nir, Threat Intelligence Team Leader at Skybox Security, told Computer Business Review: “This will have a major impact on the cryptomining landscape, but even before this news, there were plenty of copycats, so criminals will continue to use other services. It’s likely to assume that Cryptoloot, CoinImp, JSECoin, and CoinHave will take larger shares of cryptojacking attacks now that the largest player has left, and perhaps new competitors will emerge.”

“A favourite of this family of malicious crypto miners is the legitimate open-source XMR miner – XMRig. Perhaps this change will increase this type of attack at the expense of a decrease in webminers.”

The only thing we now know for certain is that Coinhive has ruled itself out of the game.
This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.