Coinhive, a JavaScript cryptocurrency miner, was reportedly discovered on the BlackBerry Mobile website. It was placed there by hackers who exploited a vulnerability in the site’s e-commerce software that allowed them to anonymously mine cryptocurrency every time the website was viewed.

There’s no doubt Coinhive, an innovative mining method, is being abused and exploited by hackers in the wild. Coinhive offers a legitimate cryptocurrency miner that website administrators and operators can embed into their websites.

When users visit websites hosting the Coinhive miner, JavaScript will run the miner directly in their browsers, mining for cryptocurrency silently in the background using the computers’ processors. This tool was designed as an alternative revenue-generating method for website administrators looking to get rid of ugly banner ads taking up space on their website that could be easily banished using ad-blockers.

Instead of Bitcoin (BTC) or other popular cryptocurrencies, Coinhive mines for Monero (XMR) which is valued about 35 times less than Bitcoin at the time of this writing but still in the top 10 most valuable cryptocurrencies available per coin. Coinhive itself is a completely legitimate company, but recent events in the news have shown how easily this JavaScript mining technology can be abused by hackers looking to make a quick crypto-buck.

The BlackBerry incident is one of many reported cases where hackers and internet service providers (ISPs) used Coinhive for malicious purposes. In October, TrendMicro discovered several apps found in the Google Play Store which utilized Coinhive’s mining technology by invisibly mining cryptocurrencies when the Android apps were installed. Read more from…

thumbnail courtesy of