Creator of cryptocurrency miner Coinhive reveals his identity

“Monetize your business with your users’ CPU power.” That’s the alluring promise to make a fortune overnight through crypto-mining, the practice of using computing power to generate cryptocurrency – digital money that can be converted back to hard cash at any crypto exchange.

Crypto mining has become a gold rush of sorts in recent years. And in the past 12 months, legions of geeks have been busy devising ever smarter schemes to generate digital cash (like Bitcoin, Monero and Ethereum) out of thin air – by “stealing” computing horsepower.

To assist these efforts, some very clever minds have created automated crypto mining tools – scripts that webmasters can embed into websites to monetize traffic not through ads, but by using site visitors’ CPUs to mine for crypto “coins.”

Coinhive is one such service, taking the limelight for being involved in several crypto-jacking cases, where bad actors hacked legitimate websites and used their traffic to fatten their personal crypto wallets. And despite being shrouded in controversy, the service itself is legitimate. The tagline in the intro, as you might have already guessed, is Coinhive’s. And one boffin has finally uncovered its creator.

Independent researcher Brian Krebs did some Sherlock Holmes-level digging over the course of two weeks and discovered that Coinhive was born out of an experiment on a German-language forum called Pr0gramm.

One Dominic Szablewski – an indie developer who, according to his own description, builds games, works on projects and writes occasionally – claims to be the author of that experiment. Soon after Krebs published his investigation into Coinhive, Szablewski sprang into action and wrote on his blog:

“Brian Krebs recently published a story about Coinhive and I want to clarify some things.

In 2007 I built a simple image board – pr0gramm.com – for my friends and me. Over the years, this board has evolved and grown tremendously. When some trolls in 2015 found out who was behind pr0gramm, I received death threats for various moderation decisions on that board. I decided to get out of it and sold pr0gramm. I was still working on pr0gramm behind the scenes and helped with technical issues from time to time, but abstained from moderating completely.

Mid last year I had the idea to try and implement a Cryptocurrency miner in WebAssembly. Just as an experiment, to see if it would work. Of course I needed some users to test it. The owners of pr0gramm were generous enough to let me try but had no part in the development. I quickly built a separate page on pr0gramm.com that users could open to earn a premium account by mining. It worked tremendously well.

So I decided to expand this idea into its own platform. I launched Coinhive a few months later and quickly realized that I couldn’t do this alone. So I was searching for someone who would take over.

I found a company interested in a new venture. They have taken over Coinhive and are now working on a big overhaul.”

For those wondering what the planned overhaul is about (at least in part), the company just recently:

  • updated its abuse policy regarding hacked sites;
  • “terminated” site keys; and
  • added a legal information page with company registration.

Krebs’s investigation into Coinhive sought to uncover how the crypto-mining service “vaulted to the top of the threat list less than a year after its debut, and [to explore] clues about the possible identities of the individuals behind the service.” His post paints a convoluted history of the crypto-mining phenomenon that is Coinhive, but an interesting one nonetheless.



This is a Security Bloggers Network syndicated blog post authored by Filip Truta. Read the original post at: HOTforSecurity