The report was published at University College London for the IEEE Security & Privacy on the Blockchain workshop by analysts Shayan Eskandari, Andreas Leoutsarakos, Troy Mursch, and Jeremy Clark. It aims to answer whether cryptojacking should be treated as an attack or a business opportunity.
The researchers state that a renewal of browser-based mining is being noticed. That is because the aforementioned mining method had initially been replaced by ASIC chips, due to Bitcoin (BTC) becoming more energy-intensive and thus expensive. However, browser-based mining is coming back after the appearance of ASIC-resistant cryptocurrencies.
Coinhive, launched in 2017, did not originally require approval before running its mining code, which let it be added to malware lists.
The academic article examines crypto browser mining that does not ask for user‘s approval and describes it as invisible abuse. Showtime, an American premium cable, and satellite television network, stood as an example, when it was revealed in September of 2017, that two of their associated websites were running Coinhive‘s code. In the light of this, Coinhive affirmed to ask users for approval before mining with their processing power.
In an attempt to acknowledge companies who blocked Coinhive‘s script for its malicious use, Coinhive added Authendmine, a service, which requires user‘s consent to be able to mine through their browsers.
As the report states, the ethical problems persist even when users freely consent to their CPU ‘s being used for mining, as they might not fully recognize what they are signing. Users might gain from a lack of ads or better quality video streaming, however, they could just as well be stuck with higher energy bills, accelerated device degradation, slower system performance, and a poor web experience.
Coinhive was in recent times associated with Telecom Egypt, a company, that was reportedly exploiting Egyptian‘s internet traffic to divert them to websites with crypto mining codes.