There’s a good chance you or someone you know has mined cryptocurrency, and you may not have even been aware of it.

There are thousands of Cryptocurrencies around today, following in the footsteps of the hugely successful Bitcoin, but they have really risen to prominence over the last 5 years.  Cryptocurrencies are, with few exceptions, decentralised digital currencies that don’t rely on a central administrator, where transactions take place directly between users.  Their prospect of being a worldwide currency with freedom of exchange and no control from governments or banks has made them massively popular as they are theoretically immune from the instability of fractional reserve banking.

 Bitcoin, the largest and most popular cryptocurrency has rapidly grown in value over the last few years, making mining more and more popular

Bitcoin, the largest and most popular cryptocurrency has rapidly grown in value over the last few years, making mining more and more popular

Cryptocurrencies generally all function in the same way, a finite number of coins are ‘mined’ using computers solving difficult equations that get incrementally more difficult as the number of remaining coins reduce.  As a result, most mature cryptocurrencies like Bitcoin, Ethereum, Ripple, and Litecoin, take an enormous amount of computing power to mine new coins.  For a typical person attempting to make money by creating new coins using a home PC, the cost of power is far greater than the value of coins created.  However, utilising tools such as free sustainable energy powering advanced graphic cards or custom built ASICs can make this a profitable activity.

Which brings us onto the first example of mining cryptocurrencies you may have carried out.

Mining cryptocurrencies with proper authorisation.

There are a number of businesses that mine cryptocurrencies on an industrial scale, using custom built hardware and cheap or free energy.  They could try to find the most economical way of mining coins for profit in established cryptocurrencies, or they may be speculating and looking at the new and latest cryptocurrencies being released and estimating which ones will grow, and mine those while they are computationally cheap.

It’s not just dedicated businesses that do this, anyone can mine any cryptocurrency.  A single user may look to become part of a mining pool, where hundreds or thousands of different users share the computational effort of mining, and then share the spoils when a new coin is mined.  They could even single-handedly try to find a way to mine coins using power cheap enough that it’s profitable without the help of a mining pool.  Which brings us onto the next method of mining cryptocurrency that you may have encountered (but hopefully not)

Mining cryptocurrencies without proper authorisation.

Another way of reducing the personal cost of mining is to use power that you do not pay for.  This makes it free for the user in the most unethical sense of the word.

When Bitcoin first grew quickly in late 2013, it caught the eye of a large number of speculative miners.  In November 2013 one Bitcoin was worth $200, within a month it had surged to over $1000.  This was the start of a large amount of mining, as people scrabbled to find cheap ways to mine Bitcoin fast (incidentally this rush reduced the price, it didn’t return to $1000 until another large spike in early 2017).

It was at this time that people started using hardware or power they didn’t own to mine Bitcoin.  This is at best unethical and at worst illegal.  Last year Vladimir Ilyayev, a computer-systems manager for the New York City Department of Education, was fined for using his work computer to mine Bitcoins in 2014.  Users with access to large cloud computing platforms have also been using spare computational resources to do the same.  Even here at Perception we see cryptocurrency mining on corporate networks that should have nothing to do with cryptocurrencies or even finance.

In this example, cryptocurrency mining is a policy violation on networks, but since early last year the growth of malicious use of mining has been massive.

 There are a large number of cryptocurrencies available today, and people have used machines they don't own to mine them

There are a large number of cryptocurrencies available today, and people have used machines they don't own to mine them

Mining cryptocurrencies using malware.

Typically, malicious hackers make their living by holding organisations or individuals to ransom, stealing and selling data, or just buying easily liquidated goods using stolen information.

With the rise of cryptocurrencies however, one fact has opened up a new way for malicious hackers to make money: computational power can be directly exchanged for something of monetary value.  As a result, if hackers can create malware to leverage computing power, they can make money.

Although it had happened in minor cases earlier, this started in earnest in early 2017.  The most common examples use a tool called Coin Hive, a script which was originally designed for people to run on their own machines in order to become part of a mining pool as described above.  What malicious users do is hack into websites, install this script, and then any visitor to that site will be inadvertently mining cryptocurrencies.

Multiple websites have fallen victim to this, in October 2017 the BBC reported that websites of schools, charities, and file sharing sites were running the script.  Even the Information Commissioners Office (ICO) had their website affected by it in February, somewhat ironically being that they are the bastion of data control in the UK.

As cryptocurrencies gain in value, the use of this type of attack will grow since the rewards become greater, another massive spike in cryptocurrency value in December 2017 (Bitcoin rose to over $20,000 per coin at one point), only increased the number of cryptocurrency mining attacks that have been observed. 

But there could be a good reason to use these scripts on websites legitimately.

Mining cryptocurrencies on other users machines with their permission.

The internet is a colossal pool of information and content, but in the majority of cases, those who generate the content need to be compensate for their efforts.  Since the birth of websites the way to do this has been via advertising.  However, advertisements on the web have their drawbacks, not only can they be distracting for the user, but they are also the most common method of web-based cyber-attacks.  In many cases, ads being served on websites can be used to execute malicious code on the viewer’s machine without their knowledge.  The consequence of these drawbacks has been the rise in use of ad-blocking software in browsers.  Due to the security concerns, many IT teams mandate the use of up to date ad-blockers on their organisation’s devices.

So where does the money come from when all the ads are being blocked?  Cryptocurrency mining could, oddly, be the answer.  Websites can ask users that have ad-blockers to run cryptocurrency mining scripts on their machines while they browse as a way to bring in income to the website.  This has been in use for a while by cryptocurrency focussed sites using tools specifically designed for this purpose such as JSEcoin.  In February this year however, the US news website implemented a feature where they asked users to either deactivate their adblockers or mine cryptocurrency to access their content.  A site with approximately one million viewers a month can make approximately £75-100 per month using these tools, putting them behind traditional advertising by a factor of between 2 and 10 in terms of profitability, but these tools use lesser known cryptocurrencies such as Monero, and the value could change very rapidly.

 US news website briefly gave visitors the option to allow Salon to use their machines to mine cryptocurrencies in lieu of seeing advertisements on the site

US news website briefly gave visitors the option to allow Salon to use their machines to mine cryptocurrencies in lieu of seeing advertisements on the site

It’s not just websites that are looking towards mining cryptocurrency with the users permission.  This month, popular 3rd-party Mac Calendar app ‘Calendar 2’ gave users the option to unlock premium features (worth around £15) by allowing the app to mine cryptocurrency.  Unfortunately, the execution didn’t go entirely to plan and the app mined cryptocurrency even when the users opted out.  The developers, Qbix, have since removed this version of the app, but it does give us a look into a possible future where users are selling their unused processing power for software.


So in conclusion, someone on your network may be intentionally mining cryptocurrencies, inadvertently mining cryptocurrencies, or permitting a third party to use their machine to mine cryptocurrencies.  This isn’t likely to stop anytime soon, so it may be worth finding a way to detect when it’s happening.