You never know what an innocent click can do. Perhaps because of the short attention span ingrained into people consuming media through connected devices, the trend of not reading before clicking to agree with something persists.
These days, an unsuspecting user browsing through a desktop browser can be tricked into this scheme, exhausting their device’s computing power to mine cryptocurrencies.
Black hat hackers, however, saw this as an opportunity to create exploits. Monero is harder to trace and audit compared to more mainstream cryptocurrencies like Bitcoin Cash. In fact, according to a Bloomberg report, the same cryptocurrency was used by North Korean hackers to shift stolen funds.
With these threats in mind, developers of free browser Opera introduced cryptocurrency mining protection features in their latest update. Logged as an integration with Opera’s existing ad blocker for Version 50, the new feature prompts users when malicious sites call for unwanted cryptomining scripts.
“We are fans of cryptocurrencies but we simply don’t accept that websites are using people’s computers to mine coins without their knowledge or consent,” said Krystian Kolondra, head of the desktop browser division at Opera. “With the new Opera 50, we want to kick off 2018 by providing people a simple way to regain control of their computers.”
The browser has also added support for major cryptocurrencies like Bitcoin Cash in their built-in currency converter.
In an era where a compact smartphones can have roughly the same computing power of a full-sized laptop, and news like old phones getting upcycled to build a Bitcoin mining rig appear every now and then, it may be tough for ordinary users to distinguish whether an app or extension is legitimate or not.
“Everyone knows the feeling of the computer heating up, the fan starting to go crazy and the CPU going to 100 percent for seemingly no reason,” Kolondra said. “These are all signs someone might be mining bitcoins or other cryptocurrencies on your computer.”
Here’s an infographic explainer that the Opera Blog team provided in its post:
Some sites ask permission first, most of which are unintentionally misleading, although the more responsible ones provide clear guidelines and conditions. Other projects like Bail Bloc create socially-oriented campaigns which turn spare hashing power into much-needed funding for people who can’t afford bail while awaiting trial.
According to a report by Ars Technica, the trend among sites and apps exhausting user’s devices to mine crypto can been attributed to the lack of revenue generated from ads. In a blog post, security firm Sucuri noted that at least 500 sites running the WordPress content management system had been hacked through database injection.
Popular sites like Pirate Bay and Showtime have experimented with these scripts in the past, and people got angry real quick. Ad blocker company AdGuard has named these methods as “crypto-jacking” while MalwareBytes has joined the call by issuing a provision in their software to help block unwarranted crypto-mining.
Another report from TechCrunch notes that for Chrome users, minerBlock and No Coin can do the same thing, while Firefox blockers like NoScript also help curb unwanted scripts from intrusion. Opera’s update is the first to enable this feature by default as an integration with its ad blocker.
The free browser’s update also includes support for streaming videos to Chromecast, as well as a built-in VR player integrated for Oculus Rift.