Cryptojacking describes the creation of cryptocurrencies by visitors of a website without their approval. Since mining is a very computing-intensive process, this can lead to reduced battery life on mobile devices. Due to this, the St. Pölten UAS has developed the free software "CoinEater" which recognises online crypto mining and blocks its execution.

"Usually high-performance hardware is used to generate cryptocurrencies. Cryptojacking distributes mining between many, less powerful devices and poses a new form of threat on the Internet", explains Sebastian Schrittwieser, Head of the Institute for IT Security Research at the St. Pölten UAS, who helped develop the software.

This means that the attackers do not generate cryptocurrencies on their own computers and with their own electricity but on somebody else's. The computer runs at full speed, the battery drains quickly and the profit goes to the attackers.

Ongoing Search for New Threats

A scanner developed at the Institute for IT Security Research automatically searches the Internet for cryptojacking at regular intervals. The results are then integrated into the CoinEater software. To do this, researchers went through over one million of the most popular websites and uncovered that more than 3,000 sites digging for cryptocurrencies without their users' knowledge. The researchers' programme also provides a technical analysis of the methods used by these websites.

"The use of such techniques is legitimate if website users agree to them, for instance, in order to hide advertisements", says Schrittwieser. Cryptojacking, on the other hand, is a misuse of the users' devices.

"Even though Coinhive, the largest provider of online mining software today, is going to discontinue its services soon, the problem will not be completely eradicated and mining could become more worthwhile once again later on", explains Schrittwieser. The developed scanner can also detect other providers of crypto mining.

Protection against Pop Ups

The scanner also recognises another new phenomenon on the Internet: the pop-up scam. When visiting websites, users are confronted with pop-up windows containing ads or short messages which link them to fee-based offers or malware and which have to be tediously clicked away.

The software CoinEater was developed by researchers of the St. Pölten UAS in the course of the research project PriSAd (Privacy and Security in Online Advertisement) and funded by the Austrian Research Promotion Agency (FFG). IT security company Nimbusec was a partner of the project.

The software is updated constantly. It scans about 100,000 pages every day and runs a software update for the one million pages once every ten days.

Download of the add-on for protection from crypto mining