v. Swiping computer processing power through a web browser to illicitly mint cryptocurrency.
People who streamed the TV drama Billions last fall may have been hit by some real-life financial chicanery. While they watched, a rogue script on the Showtime website directed their PCs to engage in “mining” operations for a bitcoin-like digital currency.
Doing currency mining on your own machine is perfectly legit. Basically, you’re solving gnarly math problems to verify transactions; in return, you get some new coins. But the Showtime cryptojacker tapped into the CPUs of unsuspecting viewers and used their spare cycles to do the spadework. Not legit.
But do we care? Jackers pick so many pockets at once that the cost per victim is minimal: a fraction of a cent in electricity and only a slight dip in computer performance (if done right). What’s more, browser-based mining isn’t all bad: The script was created by a company called Coinhive as a revenue alternative to ads on websites. Charities have used it to collect donations. It might even be a new model for micropayments, letting us opt in to swapping processor time for content or services. And the best part? We don’t have to lift a finger.
Unfortunately, that’s also what makes cryptojacking so hard to stop: It trades on our apathy, and we’ve got plenty of that to spare.
- We've come a long way since the early days of cryptojacking, back in the heady days of 2017
- It didn't take long until cryptojacking attacks got bad enough to actually damage smartphones
- But where it really gets scary is when cryptojacking attacks critical infrastructure
This article appears in the February issue. Subscribe now.
