Popular Streaming Sites Secretly Mine Cryptocurrency

Uploaded on 2017-12-27 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Financial

Very popular video-streaming sites, some with nearly a billion monthly visitors, have been secretly using the resources from visitors’ devices to mine for the cryptocurrency Monero.

According to security experts at AdGuard, the four sites involved in the crypto-jacking schemes are Openload, Streamango, Rapidvideo and OnlineVideoConverter. Those sites are raking in outrageous amounts of money while visitors are busy streaming or converting videos.

“While analysing the first complaints, we came across several very popular websites that secretly use the resources of users' devices for cryptocurrency mining and were avoiding ad blockers so far,” AdGuard explained. 

“According to SimilarWeb, these four sites register 992 million visits monthly. And the total monthly earnings from crypto-jacking, taking into account the current Monero rate, can reach $326,000.”

Regarding the three video streaming sites, AdGuard said, “We doubt that all the owners of these sites are aware that the hidden mining has been built in to these players.”

Nevertheless, as visitors spend hours watching movies or TV shows, their devices’ CPUs are busy mining cryptocurrency for whomever added the mining scripts.

Crypto-jacking via Openload, Streamango, Rapidvideo and OnlineVideoConverter

AdGuard discovered two Openload domains secretly mining for Monero without users’ knowledge or consent. Openload, one of the most popular streaming sites, has an estimated 330 million visitors per month.  Videos from Openload are often embedded on other sites and, in many cases, the mining script loads when videos are launched. AdGuard estimated that the monthly earnings reach $95,000.

The crypto-jacking on Streamango starts when the embedded player is loaded. The site gets 42 million visits per month, and monthly mining earning could reach about $7,200. The mining script in the Streamango player is the exact same one being used on Openload.

Like the other two streaming sites, the Coin Hive mining code on Rapidvideo starts when loading the embedded player. The site gets an estimated 60 million visits per month, and estimated earnings, including Coin-Have’s commission, may reach an estimated $25,000.

OnlineVideoConverter, according to AdGuard, “holds the absolute record among crypto-jackers at the moment.” SimilarWeb data ranks the site as being the 119th most popular website in the world. 

It receives nearly 490 million visitors per month, almost twice the number of visitors of ThePirateBay, which was the first big site caught hijacking users’ CPU power to secretly mine Monero. Including Crypto-Loot’s commission, AdGuard estimated monthly mining earnings at $200,000.

ThePirateBay incident occurred in September. Since then, thousands of websites have turned to mining to supplement plummeting advertising revenues. Some sites added the mining scripts, while others were hacked to add the mining code.

CSO

YouMight Also Read: 

Bitcoin Developer Says Cryptocurrency Has Failed:

Mining Bitcoin Just Halved:
 

« Very Few Women Are CISOs
Iranian Hackers Have Infiltrated US Infrastructure »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Synology

Synology

Synology provides high-performance, reliable, and secure Network Attached Storage (NAS) products.

APWG

APWG

APWG is the international coalition unifying the global response to cybercrime across industry, government, law-enforcement and NGO communities.

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

Conference-Service.com

Conference-Service.com

Conference-Service.com provides a categorised calendar of conferences and events which includes Information Security.

Fornetix

Fornetix

Fornetix is a cybersecurity platform enabling Zero Trust while delivering critical encryption automation, access controls, authorization services, machine identity, and ICAM solutions,

Telecommunications Industry Association (TIA)

Telecommunications Industry Association (TIA)

TIA works to secure trust in networks by advocating public policy positions on the security of ICT equipment and services related to critical infrastructure, supply chain and information sharing.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

AVORD

AVORD

AVORD is a cloud-based security testing platform that allows clients to manage security testing requirements in a far more productive and efficient way.

Swascan

Swascan

Swascan is the first all-in-one, GDPR Compliant, Cloud Security Suite Platform. GDPR Assessment, Web Application Scan, Network Scan, Code Review.

CUJO AI

CUJO AI

CUJO AI is the global leader in the development and application of artificial intelligence to improve the security, control and privacy of connected devices in homes and businesses.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

Pyxsoft PowerWAF

Pyxsoft PowerWAF

Pyxsoft PowerWAF responds to the problem of business cybersecurity. We protect our clients' websites and data against attacks and exploitation of all kinds of vulnerabilities.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

Cyberguardians

Cyberguardians

Cyberguardians is a team of experienced cybersecurity experts and consultants who always believe in the value and a high level of cybersecurity services to clients.

HEAL Security

HEAL Security

HEAL Security is the global authority for cybersecurity data, research and insights across the healthcare sector.

Aim Security

Aim Security

Aim empowers enterprises to unlock the full potential of GenAI technology without compromising security. GenAI makes business better - Aim makes GenAI secure.