A couple of years ago it felt like you couldn’t turn your head in any direction without seeing another headline about cryptomining and – its more evil sibling – cryptojacking.

Countless websites were hijacked, and injected with cryptocurrency-mining code designed to exploit the resources of visiting computers. Victims included the likes of the LA Times, and political fact-checking website Politifact.

Even a European water utility’s operational network was said to have fallen foul of hackers planting cryptomining code.

In one infamous case, thousands of government websites in the United States and UK – including the Information Commissioner’s Office (ICO) and USCourts.gov – were simultaneously hijacked by cryptomining code after hackers poisoned a widely-used accessibility plugin.

Some developers even coded their apps to “unobtrusively” mine for cryptocurrency in lieu of users taking out a subscription, and hundreds of thousands of unpatched IoT devices were cryptojacked.

Meanwhile, well-known sites such as Showtime, Salon.com and The Pirate Bay, willingly ran cryptomining code on their webpages as they hunted for a way to generate revenue in a world where online ads were increasingly being blocked.

What drove all of this cryptomining was a sharp increase in the value of cryptocurrencies, combined with the emergence of Coinhive – a service which offered a simple way to turn any webpage into a source of revenue. Just a line or two of Javascript, embedded on a webpage, could seize CPU cycles from visiting computers and mine for cryptocurrency within the user’s browser.

But in February 2019, Coinhive shut down, saying that because the cryptocurrency market had crashed and the hard fork of the Monero cryptocurrency its service was no longer economically viable.

Researchers at the University of Cincinnati, and Lakehead University in Canada, decided to investigate whether hackers have continued to (Read more...)