Your computer could be secretly mining cryptocurrency—piggybacking on your computer’s processing power to confirm transactions and generate new and potentially lucrative coins—and you wouldn’t even be profiting from it. Incidents of malware containing crypto-mining tools have surged six-fold this year, according to IBM Managed Security Services. Here’s how to find out if you’ve been unwittingly committing your computing power to enrich someone else.
Check your CPU usage
Open a resource monitor on your computer to check if CPU usage is abnormally high. On a Mac that’s Activity Monitor, and on Windows it’s Task Manager.
If you see a spike in CPU usage when visiting a particular website that shouldn’t really be that taxing on your processor; or if you have everything closed but CPU usage is still super high, then you may have a crypto mining malware problem. It’s hard to say what “normal” CPU usage looks like, since computer processing power and the applications people run vary so much, but a suddenly elevated level of CPU usage would indicate an abnormal increase in demand for processing power.
Ad-blockers can help…
Your computer can be hijacked for mining by visiting a particular website or having an infected advertisement displayed in it, as researchers at security software vendor ESET have detailed.
If that’s the case, once you leave that website or close the tab, the mining stops. For more peace of mind, you can also block Javascript from running on a site known to be infected by simply using the default privacy and content controls in your browser.
Ad-blocking software can also filter out known types of in-browser miners. One such mining script is called Coin Hive, which isn’t necessarily malware. It can be embedded in websites without the knowledge of a visitor, although its developers encourage website owners to disclose the script’s presence to users.
One ad-blocking software, AdGuard, will scan a site to see if Coin Hive is running on it and alert you to it. AdBlock Plus, a browser extension, suggests adding a filter to its built-in blocking options that targets Coin Hive.
…But not if it’s this type of malware
Researchers at IBM have found a more sophisticated class of surreptitious mining software that penetrates your system. These are delivered through infected image files or by clicking on links leading to a malicious site. Such attacks tend to target enterprise networks, IBM found, so get in touch with your IT person for help.
If your system is infected, you should detect a degradation in performance, in which case fire up Activity Monitor or Task Manager to check your CPU usage. You can then identify the process that’s eating up all those compute cycles and terminate it from your resource monitor, says Dave McMillen of IBM Managed Security Services, who authored the research on secret crypto miners.
Are these things mining bitcoin?
No, because bitcoin requires far too much computational power to be mined profitably this way, even if millions of ordinary computers were hijacked. Bitcoin miners today operate vast data centers containing thousands of machines specifically built—down to the chips—for mining bitcoin.
Instead, these miners most commonly try to generate Monero, a privacy-centric coin with a current market value of $1.3 billion. Like other cryptocurrencies, it has surged in value this year, from around $15 in January to a high of $140 in early September.
Some crypto mining in the browser is legit
Some websites are experimenting with in-browser mining as a revenue stream to replace advertising. The Pirate Bay, for example, experimented with that earlier this week with Coin Hive. “We really want to get rid of all the ads,” the site’s administrators wrote. “But we also need enough money to keep the site running.”
In fact, we at Quartz were among the first publishers to explore this model, all the way back in December 2013. Alas, even then the bitcoin mining game had become too competitive for us to profit.