Coinhive的矿工通过计算机脚本工作,任何人都可以将其安装在网站上。 如果您的浏览器遇到该脚本,则该矿工会利用PC的处理能力来产生名为Monero的虚拟货币。 作为响应,许多防病毒提供商开始阻止Coinhive的矿工。

Coinhive started in 2017 and quickly gained a reputation as a tool for hackers to generate money. They secretly placed Coinhive' s mining script on legitimate websites and third-party browser extensions they had cracked.

但是在2月,Coinhive宣布它将在3月8日关闭,理由是加密货币市场低迷,以及在货币“硬分叉”之后开采Monero遇到困难。 现在,一枚Monero硬币的价值为62美元,低于2018年1月达到的400美元的价值。

但是,Coinhive启发了一些模仿服务。 Segura补充说:“浏览器内的采矿总体上有所减少,但是有一些竞争者,例如CryptoLoot和CoinIMP。” “但是最大的区别是,正在加载这些矿工的网站绝大多数是洪流门户或文件托管服务,而不是像我们过去所看到的那样受到威胁的网站。”

赛门铁克加密 Credit: Symantec

Antivirus providers Symantec and McAfee have also noticed a drop in cryptocurrency mining attacks. "However the shutdown of Coinhive is not necessarily the driver, " McAfee researcher Charles McFarland told PCMag in an email. "Issues stemming from the popularity of Monero, and declining mining profitability in general have likely played a much larger role in the decline of attacks.

"For example, Monero is battling custom, specialized miners taking up a large portion of the network and have forked their network in response, " he added. "The specialized miners leave smaller miners, such as browsers, little room to profit."

A separate security firm, Check Point, has said that cryptocurrency miners still lead overall as the top malware threat; Coinhive alternative CryptoLoot ranks No. 1 on the list.


  • Hackers Are Messing With the ' Web's Phone Book' For Espionage Hackers Are Messing With the 'Web's Phone Book' For Espionage
  • Qualcomm Chip Bug对应用程序帐户安全构成风险Qualcomm Chip Bug对应用程序帐户安全构成风险
  • 骗子黑客GoDaddy帐户发送垃圾邮件以遮盖产品骗子黑客GoDaddy帐户发送垃圾邮件以遮盖产品

Check Point在博客中说:“尽管关闭了Coinhive JavaScript代码,但许多网站上仍在使用Coinhive JavaScript代码。虽然没有进行挖掘,但是如果Monero的价值显着提高,Coinhive可能会复活。”发布。

企业还需要警惕未经授权的采矿。 Check Point看到了在公司使用的云服务器上发现安装了加密货币矿工的情况。 Check Point表示,由于挖矿会消耗计算资源,因此企业被迫向云服务器提供商支付“数十万美元”。