Website can now use your PC for cryptomining after you close your browser

Coinhive continues to get used an abused

Website can now use your PC for cryptomining after you close your browser

Website can now use your PC for crypto mining after you close your browser

In a recent Blog from Malwarebytes, the company has showcased a new usage of in-browser crypto mining that can persist even after the user closes all visible tabs. This technique is designed to utilise the system resources of users without their knowledge or consent, leaving a computer in a state where it will draw more power and act more sluggishly than usual. 

This highlights one of the major downsides of cryptocurrency mining, as while it can allow some websites to become ad-free the system is often used without any consent from the user and can infect the user's PC like malware, utilising precious resources until users manually find and eradicate the miner in question. 

Malwarebytes also reports that Coinhive has been used to infect servers and some popular plugins with mining code, allowing thousands of systems to be potentially affected by crypto mining software, all to generate profit for hackers. 

When it comes to the advent of this new persistent method of browser crypto mining, a miner is run in a new window that is designed to run behind your taskbar at the bottom right-hand corner of your screen. This location is typically hidden by a clock on Windows 7, 8 and 10. Closing this pop-up window will solve this crypto mining issue, returning your system to normal. 


While the idea of crypto mining to generate revenue online is not necessarily a bad thing, the problems arise when users are forced to do it against their will and without any form of consent. It is expected that this web-based crypto mining craze is going to get a lot worse before it gets better.   


  Nearly two months since Coinhive’s inception, browser-based cryptomining remains highly popular, but for all the wrong reasons. Forced mining (no opt-in) is a bad practice, and any tricks like the one detailed in this blog are only going to erode any confidence some might have had in mining as an ad replacement. History shows us that trying to get rid of ads failed before, but only time will tell if this will be any different.

Unscrupulous website owners and miscreants alike will no doubt continue to seek ways to deliver drive-by mining, and users will try to fight back by downloading more adblockers, extensions, and other tools to protect themselves. If malvertising wasn’t bad enough as is, now it has a new weapon that works on all platforms and browsers.

You can join the discussion on the growing popularity and pervasiveness of web-based crypto miners on the OC3D Forums.  

«Prev 1 2 Next»

Most Recent Comments

30-11-2017, 11:22:06

Damn, thanks for bringing this to our attention. I certainly was completely unaware of this, untill now. Will definitely keep an extra eye on the task manager from now on.Quote

30-11-2017, 11:34:53

Is this a Windows-only problem or are Mac and Linux users affected at all - also what sort of sites are known to do this? Do you have to give permission to run something do we know?Quote

30-11-2017, 11:48:13

It uses JavaScript so it's platform agnostic. It also runs like any other script, and I guess it's a decent demo of the language's capabilities - I've been vouching for noscript addons for years now for untrusted websites.

uBlock Origin and I assume other ad blockers as well are on top of this issue already.Quote

30-11-2017, 12:03:58

Originally Posted by looz View Post
uBlock Origin and I assume other ad blockers as well are on top of this issue already.
Probably. But how many people use those add-ons vs how many people are connected is kind of an issue.

I think that most people on websites like this one don't have to worry about viruses and secret cryptomining because chances are, we are aware of every running process and can tell even a minuscule decrease in speed or some other issue with out PC's. Most people can't do that.Quote

30-11-2017, 13:59:28

You have to admire the genius behind this. Quite smart.

However it is forced and therefore a threat.Quote

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.