Photo: BiteMyCoin

How to tell if your PC is being used to mine cryptocurrency

Bradley Wint
By - Founder/Executive Editor
Dec 19, 2017 9:47pm AST
Photo: BiteMyCoin

As Bitcoin prices surge as high as US $19,000 a few days ago, everyone is jumping on the cryptocurrency mining train.

Even though the Average Joe like you and me would dare not try to mine a Bitcoin (because of the immense finances and resources needed to do so), new forms of cryptocurrencies are gaining momentum because of the potential to make insane amounts of money like Bitcoin is doing now.

Other big names like Litecoin, Ethereum, Monero, Dash, and Ripple are slowly gaining value as more people seek alternative ways to mine and sell these coins for some decent cash. There are many others out there, but most don’t have the hype behind them like those I mentioned. For instance, a single Dogecoin was worth US $$0.00708 as at December 2017. That’s a mere 7/10th of a 1 cent piece. In short…worthless.

As coins becoming harder to mine (solving increasingly difficult computational equations), the question of how to save money on mining comes to the forefront. Yes, you can spend a fortune on a massive mining server farm, but would the cost to buy the hardware, maintain it, and pay for electricity be worth it in the long run, even with the potential of very high coin prices?

Instead of paying the full cost to run intensive CPU and GPU operations, why now pawn it off on unsuspecting users? Websites like Coinhive offer a service where a script can be placed on publisher websites so that the CPU processing power of individuals viewing those websites can be used as a collective to mine coins. It’s not effective with Bitcoin because of the sheer amount of resources needed, but it works just perfectly for less popular coins like Monero and Ethereum.

Coinhive themselves are a legitimate operation, but the publishers MUST make it clear to their viewers that their computer processing power is being used for mining while they’re on the website. Unfortunately other rogue services create basic scripts and plugins (e.g. WordPress plugins) to offer a simple service, while secretly injecting their mining script in the background. A less savvy web admin might be completely unaware of the situation because the server performance remains unaffected, while the regular viewer pays the price at the end of the day.

If you want to read up more about this, check out this very in-depth article.

Alright, enough of the rambling. Let’s get into it.

Detecting a miner: sudden increase in CPU usage

The main giveaway is a sudden spike in CPU usage. Most mining scripts try to use as much CPU processing power as possible, so an immediate jump when browsing certain websites is a dead giveaway. Your system may also feel a bit slower when trying to open other windows or programs.

When I fell victim to one of these scripts, my system fan suddenly throttled up to full speed even though I only had the browser open.

You can check the Task Manager on Windows or the Activity Monitor on Macs to check whether usage spikes when you visit a site. For most of us, CPU usage should be minimal (relative to your current tasks). If your usage suddenly spikes while visiting a particular site and then dips back to normal after you leave, then there’s a good chance that that website may be running a crypto miner.

Some miners secretly open pop-under windows so that even when you exit the host website, the script can still run in the background until you properly exit the browser. If you close all your browser windows and still see it as an active process with high CPU usage, there may be an open window hiding behind the taskbar, running the mining script.

Unfortunately newer rogue mining scripts are being tuned to use much smaller percentages of CPU power, so it may not be as obvious to detect these scripts in the future as newer code is released into the wild.

Watch out for malware

Most of us do not have to worry too much, because if we can identify a website running a mining script, we can avoid it all together. However, there are some forms of mining malware which are spread via various phishing mechanisms. An infected system can then be used around the clock to help mine coins, even when the user is not visiting any websites (as the script is now running on the machine itself and sending the results back to a server).

Again, you can use your Activity Monitor or Task Manager to find the culprit and then work on flushing out the malware.

Use an ad or script blocker

So far, most mining scripts mimic the format being used by Coinhive. Adding a few blacklist wildcards might be enough to do the trick to block most of the current scripts. Add-ons like Ghostery and NoScript can also be used to detect and filter out mining code.

If you view the source code of the culprit site, you might see something like this tucked away.

var miner=new Client.Anonymous('Miner Key');miner.start();

Unfortunately there is still a lot of trial and error as security teams are still trying to properly figure out a way to quickly detect these scripts and shut them down.

Report potential abuse to the web host

If you’re a bit more tech savvy and know how to look up the hosting provider on which these mining scripts are hosted, it’s never a bad idea to report them to the respective providers. If they determine that their servers are indeed being used for malicious purposes like this, they can shut down the service from the hosting side of things, making the embedded website codes harmless.

If you have any other techniques which might be useful, please drop us an email at email hidden; JavaScript is required

Have your say

Comments are closed.

Stay in check with our daily burst of news stories delivered to your inbox.

Read more

Up to 40,000 OnePlus customers have their credit card details exposed in data breach

Privacy/Security - If you’ve recently purchased something via the OnePlus website, you may need to regularly check your credit card statement as…

By - Jan 19, 2018 5:04pm AST

The 9 best vlogging cameras for 2018

Entertainment - Even with the YouTube apocalypse, vlogging is still a huge deal. Last year we talked about some of the top…

By - Jan 19, 2018 1:42am AST

YouTube and Facebook pull Tide Pod Challenge videos because people are stupid

Social Media - It’s a new year and people are already doing dumb things for their 15 minutes of internet fame. Both Facebook…

By - Jan 18, 2018 11:10pm AST

Apple will soon allow you to disable battery management software on older iPhones

Mobile - After a wave of mounting criticism, lawsuits, and PR statements, Tim Cook has announced that users will now have the…

By - Jan 18, 2018 3:21am AST

7 things the media gets wrong about air travel and aviation

Travel - When there is ‘trouble’ in the sky, there tends to be ‘trouble’ with the reporting as well. Many news agencies,…

By - Jan 18, 2018 1:47am AST

Apple issues iOS 11.2.2 to address Spectre vulnerability

Mobile - In the wake of the industry-wide Spectre and Meltdown chip flaws, Apple has issued a security update for iOS 11…

By - Jan 8, 2018 2:55pm AST

Social media “Fear Of Missing Out” detrimental to our mental well-being

Science/Space - Human beings generally see themselves in the best light possible compared to others. This psychological phenomenon is called illusory superiority….

By - Jan 2, 2018 11:50pm AST

Passengers on Hawaiian Airlines flight celebrate New Year’s Day twice due to delay

Travel - Passengers on board a Hawaiian Airlines flight from Auckland, New Zealand to Honolulu, Hawaii were able to celebrate New Year’s…

By - Jan 1, 2018 11:13pm AST

LG shows off world’s first 88-inch 8K OLED display for CES 2018

Technology - LG is stepping up the display game with the unveiling of a world first 88-inch, 8K OLED display. When compared…

By - Jan 1, 2018 10:33pm AST

How to fix Samsung Galaxy Note 8 charging issues

Technology - Some Samsung Galaxy Note 8 customers have run into a peculiar situation where their phones refuse to charge after being…

By - Jan 1, 2018 12:31am AST