Even if your Mac is protected with anti-malware and anti-virus software, and you make a point of keeping your operating system and applications up to date, there’s always new security threats to worry about.
Cryptocurrency mining is the latest threat that can transform your Mac into an algorithm-solving machine that generates cryptocurrency coins for website owners – without your permission.
These cryptocurrency mining scripts run in your browser and let the website owner use your Mac’s CPU to mine digital currency, such as Bitcoins. The website’s owner gets the cryptocurrency, while you take the performance hit as your CPU is pushed to its limit. Depending on how frequently you encounter these scripts, you may even notice that the battery’s draining faster than usual, which could even have an impact on your electricity bill!
Plenty of websites are already using cryptocurrency mining, most notably the Pirate Bay, who were recently spotted testing mining scripts on their websites.
At the time of writing, none of the major browsers were actively blocking cryptocurrency miners, so in this article I’m going to show how to protect yourself against cryptojacking.
By the end of this article, you’ll have checked whether your favourite websites are guilty of cryptocurrency mining, and will know exactly how to prevent any website from using your CPU and power supply for their own financial gain.
How does cryptocurrency mining work?
Cryptocurrency is a purely digital currency that has no physical form. New units of cryptocurrency are generated by mining, which can be a lucrative business, but is also an intensive task that requires lots of processing power and electricity. Website owners can greatly reduce the time and cost of mining new cryptocurrency, by spreading the work across many different computers, which is why mining scripts are becoming so popular!
Initially, hackers mined cryptocurrency by installing malware on the victim’s computer, but recently many miners have switched tactics and it’s now becoming increasingly common for mining to happen inside the web browser. The website owner embeds a few lines of JavaScript in their website, and as soon as the user visits a website that script can start harnessing the computer’s CPU power. Since no malware is being pushed to the user’s machine, this exploit can be difficult for anti-malware and antivirus software to spot.
Most of the time mining will stop when you navigate away from the website where this script is embedded, but some websites are overcoming this restriction by launching a popup in the background. These popups may even be sized and positioned specifically to make them difficult to spot, to the point where some people refer to these popups as “pop-unders.” As long as this popup is running in the background, the website can continue mining for cryptocurrency, long after you’ve navigated away from that particular website, and potentially even after you’ve closed your web browser!
Is cryptocurrency mining always a bad thing?
Cryptocurrency mining without the user’s permission isn’t illegal, but a website owner hijacking your computer’s CPU and battery power for their own financial gain is definitely unethical!
In this article, I’ll show you how to prevent mining scripts from running in the web browser without your consent, but that doesn’t mean mining scripts are always a bad thing. If a website owner is upfront about their use of scripts and the impact they have on your CPU and power consumption, then mining could even be an alternative way of supporting your favourite websites.
The Internet currently runs on adverts, but lots of people hate adverts. In the future, websites could give you a choice between viewing their content with ads, or viewing their content without ads if you’re willing to lend that website some of your CPU.
Some websites are already experimenting with this setup, for example Salon.com will suppress adverts if you allow the site to run cryptocurrency scripts in your web browser. The Salon.com FAQ clearly states that your computer will work “a bit harder and (use) more electricity than if you were just passively browsing the site with ads,” so they’re being completely transparent about how their scripts will impact the user experience.
If you do encounter a website that requests your permission to run mining scripts, then don’t automatically assume it’s a negative thing. You should always consider whether you want to support this website by allowing cryptocurrency mining, especially if that website is offering an incentive, such as suppressing adverts.
Essentially, the problem is websites performing cryptocurrency mining without your consent, and not the mining process itself.
Are your favourite websites earning money from your CPU?
The easiest way to check whether one or more websites are performing cryptocurrency mining, is to monitor how your Mac behaves when you’re browsing the web. If your Mac frequently crashes or freezes; takes longer to perform simple tasks, or if your laptop’s fan seem noisier than usual, then these are all signs that your Mac is being cryptojacked.
If you suspect one or more websites are using your Mac to mine digital currency, then you should check whether your CPU usage spikes when you visit these websites.
You can check for CPU spikes, using your Mac’s built-in Activity Monitor app:
- Close every application.
- Launch macOS’ Activity Monitor, by opening a Finder window and navigating to ‘Applications > Utilities > Activity Monitor.’
- In Activity Monitor, select the ‘CPU’ tab. In the bottom-left of this window, you’ll see your CPU usage as a percentage, broken down into System, User and Idle.
- Open your web browser and visit each website that you want to check. If a website spikes your CPU stats, then this site might be using a cryptocurrency mining script.
- If you do discover a site that seems to spike your CPU, then close the tab where you’re viewing this website. If CPU usage drops, then it’s looking increasingly likely that this website is performing cryptocurrency mining. If CPU use remains high, then check whether any popups or “pop-unders” have launched in the background, as these might be responsible for your high CPU usage.
Alternatively, you could install a third party app that’s designed to monitor your CPU and alert you if it detects any unusual activity.
How do I protect myself against cryptocurrency mining?
There’s several ways that you can limit, or even completely block, cryptocurrency mining scripts.
1. Use an adblocker
Some advert-blocking extensions and software have already started adding features designed to block cryptocurrency miners; most notably the AdBlock extension, which we’ve covered previously.
AdBlock is available for Chrome, Safari, and Firefox, although the process of activating this filter varies between browsers. To activate this filter in Safari:
- Launch Safari.
- Select the little ‘AdBlock’ icon in Safari’s menu bar, and then select ‘Options’ from the dropdown menu. This launches AdBlock’s ‘Options’ page in a new tab.
- Click the ‘Filter lists’ tab.
- Select the ‘Cryptocurrency (Bitcoin) Mining Protection List’ checkbox.
You can also use AdBlock to block adverts from domains that are known to be associated with cryptocurrency miners, such as https://coin-hive.com/lib/coinhive.min.js. To add a domain to your block list:
- Navigate to AdBlock’s ‘Options’ page, using the instructions above.
- Select the ‘Customize’ tab.
- Select ‘Block an ad by its URL.’
- Copy/paste the URL into the ‘Block URLs containing this text’ section and then click ‘Block it!’
2. Use an anti-malware or anti-viruses program
With in-browser mining becoming more widespread, some anti-malware and anti-virus software is starting to add features to prevent in-browser mining. Malwarebytes offers cryptocurrency miner blocking as part of its premium subscription, and it’s likely we’ll see similar features in other security-focused software in the future.
Even if you already have security software in place, don’t automatically assume that you’re protected against in-browser mining. This is still a relatively new threat, so always check whether your current solution offers you any protection – if it doesn’t, then you’ll need to use an alternative method, such as installing AdBlock, or switch to security software that does offer in-browser blocking.
3. Install a browser extension
The good news is that there’s already browser extensions that can block cryptocurrency miners, but the bad news is that at the time of writing you’ll struggle to find one that supports Safari!
If you’re worried about cryptocurrency mining, or you’ve noticed lots of CPU spikes in your Activity Monitor, then you may want to consider switching to Chrome, Firefox or Opera so you can benefit from these extensions – at least until extensions become readily available for Safari!
If you’re using Chrome, Firefox or Opera, then the popular No Coin extension blacklists domains that are associated with cryptocurrency mining, and is frequently updated as new cryptocurrency scripts are discovered. Every time you visit a website, No Coin scans for coin-mining JavaScript codes, and will prevent you from accessing affected websites. It also displays a red ‘!’ in your browser’s toolbar if it detects any cryptocurrency mining activity.
However, as we’ve already mentioned not all cryptocurrency mining scripts are bad. No Coin lets you whitelist websites, at which point you’ll be able to access this website regardless of whether it’s running a cryptocurrency script.
To whitelist a website:
- Click the little ‘No Coin’ icon in your browser’s menu bar.
- Open the dropdown and select either: Whitelist for 1 minute; Whitelist for 30 minutes, or Whitelist permanently.
No Coin isn’t the only script-blocking browser extension currently available. Some alternatives you may want to try include:
- MinerBlock, which is available for Chrome and Firefox. MinerBlock maintains a blacklist of websites that are known to perform cryptocurrency mining, but it also detects potential mining codes on websites and kills them, so MinerBlock can block cryptocurrency scripts that run via proxies.
- NoScript, which is available for Firefox only. This is a pretty heavy-duty extension that blocks all scripts running on webpages, so it may prevent you from accessing websites that aren’t actually performing cryptocurrency mining.
Add Comment