Tencent: Porn Sites Are Adopting Javascript Miner of Coinhive to Mine Monero
Other than income from clicking ads, some porn site operators in China have found new ways for their wallets. Recently, a report from Tencent exposed that many websites in China have embedded JavaScript to mine crytpocurrency, or XMR to be more specific. Coinhive service is employed without notifying visitors.
Once visitors access websites that are embedded with mining scripts, they will need to wait a while for loading the pages, little do they know that the auto execution of JavaScripts miner are consuming large portion of CPU usage for mining Monero, or XMR featuring anonymous transaction. Such websites are usually porn site, internet literature, webpage online game etc. As the slow loading of pages could be interpreted as bandwidth or connection problem, it’s difficult for users to detect the mining script, which helps the spread of such behavior.
Analysis of mining behavior is conducted through a porn site:
1. Loading of front page of a porn site takes a while
2. Task manager reveals that the CPU usage is up instantly and always at 100% working load once the site is loaded
3. JS miner is spotted in its source code
4. The JS miner is the service provided by Coinhive, which adopts cryptonight algorithm for mining Monero. Coinhive will adjust XMR payout in real-time every few hours. At press time, the payout was 0.00015579XMR/MH, or 0.0825687RMB/MH. Coinhive will take 30% of the payout and the website claim the other 70%.
Payout is divided among Coinhive and website operators
5. Ironically, Coinhive specifically mentions on its documentation that the service shall not be employed without notifying the users.
“ it’s your responsibility to tell your users what’s going on and to provide stats on mined hashes.”
However, the reality is that the service has already been abused.
6. Another new feature is that the API provided by Coinhive allows website operators to control CPU usage so that it’s even harder to detect the mining operation. The zigzag chart below shows how the CPU usage is manipulated.
So far hundreds of websites have adopted Coinhive JS miner, most of which are porn site.
List of websites that embeds Javascript miner
PV of JS miner spiked in late September and the trending is still upward, which means more victims could be expected.
Previously Pirate Bay, the most popular bittorrent site, has been found using the same script to mine Monero.
Tencent owns the most popular socializing tool in China and has great media influence. The exposure links cryptocurrency with porn sites and may inspire more interest on both subjects.
Learn cryptocurrency and digital assets since 2013 and co-founder of 8btc in 2014. Co-author of 2014-2015 Digital Currency Development Report(2015) and Investment Guidelines for Crypto and Blockchain assets (to be published in 2017).
COMMENTS(51)
You know…… This is probably one area where this is actually going to work
Hot cha cha cha
I wonder if fluffypony has ever expected to read this headline when he started with the project. lol
Every monero hodler gets a free pron star plz
A match made in Heaven.
🙂
I don’t know what people use to watch porn, but if it is mostly on tablets and phones, then this may not be a good idea. I hope they at least do a check on that before implementing anything.
Still, it makes sense, people tend to load a page and stay on that page for longer time than many of the other types of web-pages out there.
Oh the irony - when a simple switch to Brave browser will let us collect crypto for our browsing attention and not the other way around.
average session time: 3,5 min 🙂
Jeez, knock before you enter! You never know when I’m securing the blockchain. Really playing with fire here.
I’m sure he knows that adoption by the pr0n industry is a big deal. Wouldn’t be surprised in the least if it were an unstated goal.
You need to do it more often then. Build up more stamina.
http://NEWS.8BTC.COM | Tencent: Porn Sites Are Adopting Javascript Miner of Coinhive to Mine Monerohttp://news.8btc.com/tencent-porn-sites-are-adopting-javascript-miner-by-coinhive-to-mine-monero …
You need to do it more often then.
Try getting married. Worked for me.
I am starting to wonder how well it performs. I mean you need a good deal of volume and CPU time to be meaningful. Soon if not already, everyone will mine in ads!
Brave will fail. You won’t get a penny for watching. Websites don’t need your attention. You are not worth that much. All you are worth is a penny per view.
i use my computer mostly. the work one,,,at work. yeah so i guess that explains why smart phones took off. kids these days.
BAH GAWD that man had a family!
I’m gonna make you work for that happy ending.
You won’t get a penny for watching.
All you are worth is a penny per view.
Since you’re confused, I’ll clarify - I was referring to BAT, not pennies
LOL! Had to make this throwaway because I’m guilty of this. I host and manage a network of low-traffic porn sites and I replaced every pop-under/dirty advertisement with coinhive.
I guess it may be bad for some users, battery powered devices and so on… still I think the user is happier with this than dealing with dirty tricky ads.
And you know, hosting is not free and porn sites are, so I need to pay the bills somehow. I set the miners throttled to 0.4 and for now I haven’t received any complaint from users.
Right now I’m averaging around 400 H/s, so around $20 a month, which isn’t even enough to pay for the servers, but its better than $0 and it helps.
You should tout it as a feature and tell users - no shitty click through redirects would probably get people to return.
In the end, everything right now is measured to the fiat, you can, however, assume the equivalent of a penny in BAT. BAT’s model will fail. I’ve studied it. It’s flawed.
No publisher would want Brave Browser to control their web page. AdBlockers (Brave’s built in AdBlock) can bypass anti adblock scripts and ads, but they won’t be able to bypass miners. I can write a miner, that will wait for the response from the server. The server reverifies 1% of the hashes randomly, they can know if you are spamming them. Sends responds to script. I can tie the scrolling functionality of page to the miner’s response from the server. You block the miner, either of 2 things can happen. If AdBlocker disables Javascript, the page won’t scroll, if not than AdBlocker message pops up on page and content vanishes. The Javascript code is obfuscated, and you know what that means if you are a programmer.
Know what project you support in detail. You seem to lack the bigger picture.
I know it’s disencouraged, but there is little options to make small sites profitable. I will add a footer note, I can’t really think of much else I can do really.
Regarding returning users, these have always been in the minority (even when I launched the sites, without ads). People trust Google or Bing for porn too, and they will only remember the actual URLs of the big porn sites.
JS mining uses up CPU only? what about GPU?
I like your account name, you should keep it
This sounds more like detail than big picture but thanks nonetheless for your reply.
No publisher
CoinDesk
CoinDesk has Google Ads.
Most random website visitors are not using souped-up gaming desktops- a lot of them are on cheap laptops or even smartphones. Thus, the CPU is the only resource guaranteed to be present.
But you may have a point; it might be possible to use WebCL to create a javascript GPU miner.
Pornsitemaster, do any of the “high end” paid sites offer a Pay in Monero option with no signup required?
do you think it’s possible to use GPU miner with a fall back CPU miner if it doesn’t exist or below certain spec
I wouldn’t know - I use Brave
I’m willing to write and direct a monero themed porno. I’d need obviously a porn type girl and some money, maybe $2500-3000, depending on who I can cast. Also, a guy with a giant monero shaped peen. If you have any of these components I’ll take em.
Well, it doesn’t seem to look good for WebCL support in mainline browsers, see e.g. this Stack Overflow question, so the answer is probably “no”.
Anyone knows the website in the image?
Thanks
Is there a method for finding out if your machine is actively mining?
You can use WebGL, albeit more difficult to implement.
CoinDesk went with brave ads, and it failed to generate revenue for them. They then went back go Adsense by Google.
sotmething along the lines of ‘watch porn safely and help make internet decentralized’ seems like a catchy title for a site
decentralizemywank.com
Do you think that has anything to do with the fact that the payment part of Brave only went live for preview version last week? Or is there another reason?
Is nothing sacred?
There is another reason. Machine learning in this day and age is not accurate advanced enough. An advertiser does not want your clicks (most of the time), he wants you to buy the product.
Machine learning cannot predict whether you will buy the product or not with high certainty. And advertiser pays 5$ for 1000 impression on average in developed countries, and less than 1$ for 1000 impression in non-developed countries. Therefore the money that you gain will be a fraction of a penny per view, you can assume its equivalent in BAT if that helps. That money per view is enough for the website, because of economies of scale, assuming they get millions of views daily. e.g $0.01 * $1,000,000 = $10,000 daily.
The brave foundation claims it will employ advanced machine learning to ensure a higher certainty per click. Machine learning for that kind of stuff will need much more data, for example, how many times you poop per day etc. That data cannot be processed on your average pc, it’ll cripple it down. Also, your data alone is worthless, it combined with data of millions of people could have some value. In order for predictive models to work, your data will be needed to send outside your computer, this is what Google exactly does (it computes your data on their servers). Same invasion of privacy for Brave as well as Google, for privacy paranoid people.
Google might have your data, but it does not sell it to 3rd parties. It uses the data to train machine learning, and that advertises relevant content to you.
The content, however, won’t be relevant if you use an AdBlocker, because of most of them apart from blocking ads, they block google trackers, which if not blocked, allows Google to deliver more relevant advertising.
It clearly seems you need to study more. Don’t get overhyped from ICO’s, and think rationally, and not only from one side but the other argument as well.
check your cpu usage via task manager.
Please do not run webminers on battery-powered devices. Implement a script that disables it or something!
The cool thing for you is if you keep your Monero it could be worth a ton more in a year or two.
Curious.. if at work I left a site open that I running my CPU all day.. any idea how much money I would make with coinhive? Sure I get it that the company I work for would be using more electricity from my CPU running high.. just curious if you could guess for 1 constant user rate of pay per day or per month?
not that I know of. Keep in mind that this has always been a side project for me, my business is small and last years it have been dwindling (due to my lack of time to maintain and improve it), so I’m not really informed about new stuff being implemented in the community.
not that I know of. Keep in mind that this has always been a side project for me, my business is small and last years it have been dwindling (due to my lack of time to maintain and improve it), so I’m not really informed about new stuff being implemented in the community.
It doen’t make much money. Javascript already offers only around 70% of the performance of native miners, and coinhive keeps 30% of that. So in the end you are getting 49% of what you would make with a native miner.
It doen’t make much money. Javascript already offers only around 70% of the performance of native miners, and coinhive keeps 30% of that. So in the end you are getting 49% of what you would make with a native miner.
There is a competitor than takes 15%.. I was just curious
Please sign in first