The Coinhive cryptocurrency mining facility is being misused as a new hacking tool. Cybercriminals can secretly embed it on vulnerable websites with weak security controls and mine digital currencies for themselves. There is no notification to visitors that any mining is taking place.

A brilliant idea to monetize internet traffic appears to be running amok. You may have encountered it. Computer code that has found its way into tens of thousands of websites secretly siphons CPU processing power to mine a digital currency called Monero.

The code’s developer, Coinhive, rakes in the dough, but some security researchers claim it’s a form of malware, and say the code is lining the pockets of hackers, too. “It’s becoming a new revenue stream for cybercriminals,” said Troy Mursch, an independent security researcher.

Coinhive first released its cryptocurrency miner in September as a novel way for websites to generate revenue. Once embedded into a website, the code mines the digital currency Monero by borrowing visitors’ CPU processing power. The more visitors, the more money earned. Site owners take a 70 percent share, while Coinhive grabs the rest.

That may sound great, but there’s one big problem: the Coinhive code often doesn’t tell website visitors that any mining is taking place. It can simply borrow CPU processing power via the browser, without any warning. Mursch found the crypto miner in over 30,000 random sites, many of which don’t appear to be using the Coinhive code deliberately. Among them was PolitiFact, a fact-checking service which briefly hosted the Coinhive code in October because its site was hacked.