Do you remember the old Lemmings computer game? I think it came out in the early nineties. Lots of tiny blue and green figures with pick-axes trying to work their way through tunnels and mounds without falling off cliffs. Thats the picture I get when talking about Cryptomining, but its a long way from what really happens. The details are quite complicated, and my background is not techy, so we’ll stick with the basics.
Lifewire are ahead of Wikipedia on this one. Their explanation – cryptomining is providing bookkeeping services for cryptocurrency, for which you get paid a fraction of each coin. A lot of computational power (processing power and speed) is needed to verify cryptocurrency transactions. The why is quite technical and to do with blockchain tech, so I leave you to check that out yourselves. If you started cryptomining early, you might have made a little money. If you’d invested in cryptocurrency early, you would have made more. Because cryptomining requires a lot of computational power, there are miners out there now adding little bits of code to unsuspecting websites to harvest computing power. It doesn’t just use the website where the code sits, but also grabs power from visitors to your website. It has been reported that currently available cryptocurrencies use more energy than Iceland, Syria and Jordan. This can be done in two ways – legitimately with permission, secretly, without permission.
Cryptomining as Malware
It is the ‘secretly, without permission’ group that is a problem here. Providers like CoinHive and Authedmine enable website owners to embed code onto a website that can access the computer power of visitors to that website for cryptomining. CoinHive does promote full notice to website visitors and opt-in use. This is legitimate. However, Wordfence have recently reported that some enterprising hackers are already using vulnerabilities in WordPress websites to add code to sites without the website owners knowledge. The code then accesses the computing power of visitors. This can slow down the loading time and user experience of the website affected, and also increase the power used by the visitor’s computer – increasing their costs. Payments for cryptomining go to the hacker, not the website owner and no one is any the wiser, unless they are checking CPU usage.
Cryptomining as Revenue
Apart from website access, there are people around the world who have set up hardware systems to supply processing power for bitcoin. One popular marketplace for connecting sellers of computer power for cryptomining is NiceHash. In addition, websites with high visitor numbers and decreasing adWords revenue can now use coding to provide their visitors with the option of paying for access, or allowing cryptomining using the visitor’s computer power for using the website. By way of example, some sites add a button or image that provides visitors with the option of donating computing power to you instead of recieving advertising. One I have seen calls it a cryptomining donation, with the explanation ‘As long as you keep this page open you will support my efforts by donating your computer’s idle time‘; although I’m not sure whether it is only idle time that would be used. That would depend upon what code was applied. Check out this post from Authority Hacker to learn more about the legality and morality of monetising cryptomining.
What does this mean for you?
Jeanette is the founder and Principal Lawyer of Brisbane based Onyx Legal. With more than 20 years experience helping over 1000 clients protect their businesses both locally and internationally, Jeanette has a range of strategies to provide you with clarity and certainty in the ever changing online world. LinkedIn