close

monero

Kenyan Entertainment Blog Caught Mining Monero Using Visitor Browsers

computer-1185567_1280

On September 27, Nairobi Wire, a famous entertainment blog in Kenya, found itself at the center of attention after it was discovered that they were mining cryptocurrency using their visitor’s computers through a program called Coin-Hive.

Coin-HiveCoin-Hive is a service that makes it possible for people to mine the anonymous cryptocurrency Monero (XMR) directly from a visitor’s computer through the insertion of a JavaScript code within the code of the intended website.

The Pirate Bay First to Use Coin-Hive

This is not the first case where a well-known website has been exposed for such. A couple of days ago, filesharing platform Pirate Bay was caught hijacking its visitors’ browsers for the purpose of mining cryptocurrency. In a statement released by Pirate Bay shortly after the news broke, the company said that it was experimenting with eliminating ads from its website while also finding an alternative way to generate revenue.

On the 18th of September 2017, the same day that Pirate Bay came under attack, Memeburn found itself in the same mess. Memeburn is a multimedia digital publishing house that pays attention to everything digital in the emerging markets. In response to the fiasco, Memeburn pulled down their website and issued a statement through their Facebook page stating that, “we found that a mining tool dubbed Coin Hive was using the website to mine cryptocurrency.” In their defense, they claimed to not have known about it and that they discovered it after “a complaint from a user with regards to high CPU usage when visiting Memeburn.”

Barely a week after Pirate Bay’s admission of mining cryptocurrency using their visitors’ browsers, CBS’ ShowTime found itself in the same rocky situation. ShowTime is an on-demand video streaming service. It is, however, unlikely that for a big corporation like them would intentionally place codes to mine cryptocurrency especially since they charge their users to access their content. It is still unclear on whether ShowTime’s case was intentional or was as a result of their website being hacked as they refused to comment on the matter when contacted by The Register.

Nairobi Wire’s Response

Since the unearthing of the JavaScript code by Coin-Hive on Nairobi Wire’s site, the number of users who have come out to authenticate these allegations has only been on the rise with some claiming that they had gone through the same incident three days before the unearthing. Although Nairobi Wire pulled down the code after it was discovered, some users had already taken screenshots which were circulated on various social media platforms.

In a response to the story published by Techweez about Nairobi Wire mining cryptocurrency through their visitors, they sent a direct message to Techweez via Twitter stating:

“We had already stated on Wednesday that the script was unauthorized. We pulled it down immediately we learned of it. i.e. Tuesday night. We have confirmed that no other mining script is currently running. Between Tuesday and Thursday last week, we had outsourced some maintenance work to an outside developer. It has been our tradition to outsource a big chunk of our design/maintenance work. This means giving outsiders -sometimes foreigners access.”

The response went ahead to say, “We have thus concluded that the said script was installed sometime last week, by our external developer. Nairobi Wire never benefited in any way, and we have now cut links with that particular developer. Our policy of NOT having non-obstructive ads, like pop-up/under remains. This is designed to provide a smooth experience throughout. The mining script falls under ‘obstructive’ ads since it greatly slows down computers and/or can even be damaging to the CPU. We have no plans to use mining scripts now or in the future. If that changes, our readers will be informed and given an option to opt out.”

Business Daily, a leading business publication newspaper owned by Nation Media Group, had also been accused of using Coin-Hive to mine cryptocurrency via the Techweez Forum. And even though the code had already been removed, screenshots of the code on their website had already been captured.

The contentious issue with the above-mentioned cases involving large companies is that they failed to seek their visitors’ permission before mining cryptocurrency using their CPU power. Moreover, only Pirate Bay admitted to having run the code intentionally. With ads being a major pain when consumers are getting access to content on different websites, we are sure they wouldn’t mind letting go of a trifling percentage of their computer’s CPU power if it meant getting an ad-free experience.

With ads being considered a nuisance by many Internet users, there could definitely be a market for this type of revenue generating business model for online publications, provided visitors grant sites permission before giving up some of their CPU power in exchange for an ad-free web surfing experience.

read more