Hot search keywords

Hot search keywords

Tencent: Porn Sites Are Adopting Javascript Miner of Coinhive to Mine Monero

Other than income from clicking ads, some porn site operators in China have found new ways for their wallets. Recently, a report from Tencent exposed that many websites in China have embedded JavaScript to mine crytpocurrency, or XMR to be more specific. Coinhive service is employed without notifying visitors.
Once visitors access websites that are embedded with mining scripts, they will need to wait a while for loading the pages, little do they know that the auto execution of JavaScripts miner are consuming large portion of CPU usage for mining Monero, or XMR featuring anonymous transaction. Such websites are usually porn site, internet literature, webpage online game etc. As the slow loading of pages could be interpreted as bandwidth or connection problem, it’s difficult for users to detect the mining script, which helps the spread of such behavior.

Analysis of mining behavior is conducted through a porn site:
1. Loading of front page of a porn site takes a while

coinhive01
2. Task manager reveals that the CPU usage is up instantly and always at 100% working load once the site is loaded

coinhive02
3. JS miner is spotted in its source code

coinhive03
4. The JS miner is the service provided by Coinhive, which adopts cryptonight algorithm for mining Monero. Coinhive will adjust XMR payout in real-time every few hours. At press time, the payout was 0.00015579XMR/MH, or 0.0825687RMB/MH. Coinhive will take 30% of the payout and the website claim the other 70%.

coinhive04

 

coinhive05

Payout is divided among Coinhive and website operators

5. Ironically, Coinhive specifically mentions on its documentation that the service shall not be employed without notifying the users.
coinhive06

“ it’s your responsibility to tell your users what’s going on and to provide stats on mined hashes.”

However, the reality is that the service has already been abused.
6. Another new feature is that the API provided by Coinhive allows website operators to control CPU usage so that it’s even harder to detect the mining operation. The zigzag chart below shows how the CPU usage is manipulated.

coinhive07

 

So far hundreds of websites have adopted Coinhive JS miner, most of which are porn site.

coinhive08

List of websites that embeds Javascript miner

PV of JS miner spiked in late September and  the trending is still upward, which means more victims could be expected.

Previously Pirate Bay, the most popular bittorrent site, has been found using the same script to mine Monero.

Tencent owns the most popular socializing tool in China and has great media influence. The exposure links cryptocurrency with porn sites and may inspire more interest on both subjects.

COMMENTS(48)

  • Lid4Life
    2 weeks ago Lid4Life

    You know…… This is probably one area where this is actually going to work

  • Riiume
    2 weeks ago Riiume

    Hot cha cha cha

  • senzheng
    2 weeks ago senzheng

    I wonder if fluffypony has ever expected to read this headline when he started with the project. lol

  • Riiume
    2 weeks ago Riiume

    Every monero hodler gets a free pron star plz

  • Bits-of-Wisdom
    2 weeks ago Bits-of-Wisdom

    A match made in Heaven.
    🙂

  • bloodwire
    2 weeks ago bloodwire

    I don’t know what people use to watch porn, but if it is mostly on tablets and phones, then this may not be a good idea. I hope they at least do a check on that before implementing anything.

    Still, it makes sense, people tend to load a page and stay on that page for longer time than many of the other types of web-pages out there.

  • Thunderous_Penous
    2 weeks ago Thunderous_Penous

    Oh the irony – when a simple switch to Brave browser will let us collect crypto for our browsing attention and not the other way around.

  • M5M400
    2 weeks ago M5M400

    average session time: 3,5 min 🙂

  • Vespco
    2 weeks ago Vespco

    Jeez, knock before you enter! You never know when I’m securing the blockchain. Really playing with fire here.

  • icarrysig
    2 weeks ago icarrysig

    I’m sure he knows that adoption by the pr0n industry is a big deal. Wouldn’t be surprised in the least if it were an unstated goal.

  • bloodwire
    2 weeks ago bloodwire

    You need to do it more often then. Build up more stamina.

  • Badboniac
    2 weeks ago Badboniac

    You need to do it more often then.

    Try getting married. Worked for me.

  • cryptohazard
    2 weeks ago cryptohazard

    I am starting to wonder how well it performs. I mean you need a good deal of volume and CPU time to be meaningful. Soon if not already, everyone will mine in ads!

  • DesiPlayBoy
    2 weeks ago DesiPlayBoy

    Brave will fail. You won’t get a penny for watching. Websites don’t need your attention. You are not worth that much. All you are worth is a penny per view.

  • palehorsey
    2 weeks ago palehorsey

    i use my computer mostly. the work one,,,at work. yeah so i guess that explains why smart phones took off. kids these days.

  • CryptoPapi
    2 weeks ago CryptoPapi

    BAH GAWD that man had a family!

  • nkunzi
    2 weeks ago nkunzi

    I’m gonna make you work for that happy ending.

  • Thunderous_Penous
    2 weeks ago Thunderous_Penous

    You won’t get a penny for watching.

    All you are worth is a penny per view.

    Since you’re confused, I’ll clarify – I was referring to BAT, not pennies

  • pornsitemaster
    2 weeks ago pornsitemaster

    LOL! Had to make this throwaway because I’m guilty of this. I host and manage a network of low-traffic porn sites and I replaced every pop-under/dirty advertisement with coinhive.

    I guess it may be bad for some users, battery powered devices and so on… still I think the user is happier with this than dealing with dirty tricky ads.

    And you know, hosting is not free and porn sites are, so I need to pay the bills somehow. I set the miners throttled to 0.4 and for now I haven’t received any complaint from users.

    Right now I’m averaging around 400 H/s, so around $20 a month, which isn’t even enough to pay for the servers, but its better than $0 and it helps.

  • CapnFartfaceMcGee
    2 weeks ago CapnFartfaceMcGee

    You should tout it as a feature and tell users – no shitty click through redirects would probably get people to return.

  • DesiPlayBoy
    2 weeks ago DesiPlayBoy

    In the end, everything right now is measured to the fiat, you can, however, assume the equivalent of a penny in BAT. BAT’s model will fail. I’ve studied it. It’s flawed.

    No publisher would want Brave Browser to control their web page. AdBlockers (Brave’s built in AdBlock) can bypass anti adblock scripts and ads, but they won’t be able to bypass miners. I can write a miner, that will wait for the response from the server. The server reverifies 1% of the hashes randomly, they can know if you are spamming them. Sends responds to script. I can tie the scrolling functionality of page to the miner’s response from the server. You block the miner, either of 2 things can happen. If AdBlocker disables Javascript, the page won’t scroll, if not than AdBlocker message pops up on page and content vanishes. The Javascript code is obfuscated, and you know what that means if you are a programmer.

    Know what project you support in detail. You seem to lack the bigger picture.

  • pornsitemaster
    2 weeks ago pornsitemaster

    I know it’s disencouraged, but there is little options to make small sites profitable. I will add a footer note, I can’t really think of much else I can do really.

    Regarding returning users, these have always been in the minority (even when I launched the sites, without ads). People trust Google or Bing for porn too, and they will only remember the actual URLs of the big porn sites.

  • Eudemon369
    2 weeks ago Eudemon369

    JS mining uses up CPU only? what about GPU?

  • Eudemon369
    2 weeks ago Eudemon369

    I like your account name, you should keep it

  • Thunderous_Penous
    2 weeks ago Thunderous_Penous

    This sounds more like detail than big picture but thanks nonetheless for your reply.

    No publisher

    CoinDesk

  • DesiPlayBoy
    2 weeks ago DesiPlayBoy

    CoinDesk has Google Ads.

  • Riiume
    2 weeks ago Riiume

    Most random website visitors are not using souped-up gaming desktops– a lot of them are on cheap laptops or even smartphones. Thus, the CPU is the only resource guaranteed to be present.

    But you may have a point; it might be possible to use WebCL to create a javascript GPU miner.

  • chowbungaman
    2 weeks ago chowbungaman

    Pornsitemaster, do any of the “high end” paid sites offer a Pay in Monero option with no signup required?

  • Eudemon369
    2 weeks ago Eudemon369

    do you think it’s possible to use GPU miner with a fall back CPU miner if it doesn’t exist or below certain spec

  • Thunderous_Penous
    2 weeks ago Thunderous_Penous

    I wouldn’t know – I use Brave

  • BifocalComb
    2 weeks ago BifocalComb

    I’m willing to write and direct a monero themed porno. I’d need obviously a porn type girl and some money, maybe $2500-3000, depending on who I can cast. Also, a guy with a giant monero shaped peen. If you have any of these components I’ll take em.

  • rbrunner7
    2 weeks ago rbrunner7

    Well, it doesn’t seem to look good for WebCL support in mainline browsers, see e.g. this Stack Overflow question, so the answer is probably “no”.

  • esfomeado
    2 weeks ago esfomeado

    Anyone knows the website in the image?

    Thanks

  • cudenlynx
    2 weeks ago cudenlynx

    Is there a method for finding out if your machine is actively mining?

  • DesiPlayBoy
    2 weeks ago DesiPlayBoy

    You can use WebGL, albeit more difficult to implement.

  • DesiPlayBoy
    2 weeks ago DesiPlayBoy

    CoinDesk went with brave ads, and it failed to generate revenue for them. They then went back go Adsense by Google.

  • OracularTitaness
    2 weeks ago OracularTitaness

    sotmething along the lines of ‘watch porn safely and help make internet decentralized’ seems like a catchy title for a site

  • CapnFartfaceMcGee
    2 weeks ago CapnFartfaceMcGee

    decentralizemywank.com

  • Thunderous_Penous
    2 weeks ago Thunderous_Penous

    Do you think that has anything to do with the fact that the payment part of Brave only went live for preview version last week? Or is there another reason?

  • DesiPlayBoy
    2 weeks ago DesiPlayBoy

    There is another reason. Machine learning in this day and age is not accurate advanced enough. An advertiser does not want your clicks (most of the time), he wants you to buy the product.

    Machine learning cannot predict whether you will buy the product or not with high certainty. And advertiser pays 5$ for 1000 impression on average in developed countries, and less than 1$ for 1000 impression in non-developed countries. Therefore the money that you gain will be a fraction of a penny per view, you can assume its equivalent in BAT if that helps. That money per view is enough for the website, because of economies of scale, assuming they get millions of views daily. e.g $0.01 * $1,000,000 = $10,000 daily.

    The brave foundation claims it will employ advanced machine learning to ensure a higher certainty per click. Machine learning for that kind of stuff will need much more data, for example, how many times you poop per day etc. That data cannot be processed on your average pc, it’ll cripple it down. Also, your data alone is worthless, it combined with data of millions of people could have some value. In order for predictive models to work, your data will be needed to send outside your computer, this is what Google exactly does (it computes your data on their servers). Same invasion of privacy for Brave as well as Google, for privacy paranoid people.

    Google might have your data, but it does not sell it to 3rd parties. It uses the data to train machine learning, and that advertises relevant content to you.

    The content, however, won’t be relevant if you use an AdBlocker, because of most of them apart from blocking ads, they block google trackers, which if not blocked, allows Google to deliver more relevant advertising.

    It clearly seems you need to study more. Don’t get overhyped from ICO’s, and think rationally, and not only from one side but the other argument as well.

  • 8btccom
    2 weeks ago 8btccom

    check your cpu usage via task manager.

  • endorxmr
    2 weeks ago endorxmr

    Please do not run webminers on battery-powered devices. Implement a script that disables it or something!

  • tazmanrising
    7 days ago tazmanrising

    The cool thing for you is if you keep your Monero it could be worth a ton more in a year or two.

  • tazmanrising
    7 days ago tazmanrising

    Curious.. if at work I left a site open that I running my CPU all day.. any idea how much money I would make with coinhive? Sure I get it that the company I work for would be using more electricity from my CPU running high.. just curious if you could guess for 1 constant user rate of pay per day or per month?

  • pornsitemaster
    2 days ago pornsitemaster

    not that I know of. Keep in mind that this has always been a side project for me, my business is small and last years it have been dwindling (due to my lack of time to maintain and improve it), so I’m not really informed about new stuff being implemented in the community.

  • pornsitemaster
    2 days ago pornsitemaster

    not that I know of. Keep in mind that this has always been a side project for me, my business is small and last years it have been dwindling (due to my lack of time to maintain and improve it), so I’m not really informed about new stuff being implemented in the community.

  • pornsitemaster
    2 days ago pornsitemaster

    It doen’t make much money. Javascript already offers only around 70% of the performance of native miners, and coinhive keeps 30% of that. So in the end you are getting 49% of what you would make with a native miner.

  • pornsitemaster
    2 days ago pornsitemaster

    It doen’t make much money. Javascript already offers only around 70% of the performance of native miners, and coinhive keeps 30% of that. So in the end you are getting 49% of what you would make with a native miner.

Please sign in first