On 27 September 2017, it came to light that popular Kenyan entertainment blog, Nairobi Wire was using their visitor’s computers to mine cryptocurrency via Coin-Hive. Coin-Hive is a service that allows one to input JavaScript code within a website code and mine Monero coins through a visitor’s computer.
It is not the first time that a popular website has been caught in such an act. Around 10 days ago, Pirate Bay was caught injecting the same JavaScript code into their website to mine cryptocurrency through their visitors. Immediately after the news broke, Pirate Bay released a statement saying that it was only a test and that they were looking at it as a way to generate revenue and get rid of ads from the website.
On the same day, September 18, Memeburn, a website that focuses on everything digital in the emerging markets, was caught up in the same fiasco. Memeburn went ahead to take down their website and released a statement via their Facebook page claiming that they “found that a mining tool dubbed Coin Hive was using the website to mine cryptocurrency”, alleging that they did not know about it.
Just the other day, September 25, CBS’ ShowTime website was caught doing the same thing. ShowTime is a video on demand service and despite charging users to access such content. The working theory is that ShowTime must have been hacked, although the company refused to issue a comment on the same when they were contacted by The Register.
Since the discovery of the Coin-Hive code on Nairobi Wire’s website, more users have come out to verify these claims, with some giving a testimony that they have been experiencing the “issue” as far as three days prior to the discovery. At the time of publishing, it seems that Nairobi Wire had already removed the code in question from their website, however, this was not before some users had taken screenshots of the code:
The big issue here is that none of the websites mentioned above, including Nairobi Wire, requested for the user’s permission to use their CPU power to mine cryptocurrency. If requested, I am sure there is quite a good number of people who would give up a small percentage of their CPU power to get an ad-free experience on a website.
We have reached out to Nairobi Wire for a comment, when they finally respond, we will let you know what they say.
UPDATE 1: Business Daily Africa as well?
We have also been informed that Business Daily Africa was also a culprit of mining cryptocurrency via Coin-Hive, through the Techweez Forums. However, our inspection reveals that the code has already been removed from the website but thanks to the power of the internet, here’s a screenshot of the code on Business Daily Africa:
UPDATE 2: Nairobi Wire Responds
Nairobi Wire finally responded to us via Twitter. Here’s the full statement:
In response to your story, we had already stated on Wednesday that the script was unauthorized. We pulled it down immediately we learned of it. i.e. Tuesday night. We have confirmed that no other mining script is currently running. Between Tuesday and Thursday last week, we had outsourced some maintenance work to an outside developer. It has been our tradition to outsource a big chunk of our design/maintenance work. This means giving outsiders -sometimes foreigners access. We have thus concluded that the said script was installed sometime last week, by our external developer. Nairobi Wire never benefited in any way, and we have now cut links with that particular developer. Out policy of NOT having non-obstructive ads, like pop-up/under remains. This is designed to provide a smooth experience throughout. The mining script falls under ‘obstructive’ ads since it greatly slows down computers and/or can even be damaging to the CPU. We have no plans to use mining scripts now or in the future. If that changes, our readers will be informed and given an option to opt out.
Nairobi Wire was using 100% CPU power on my pc. Very unethical.
[…] Thanks to the boom in cryptocurrency mining, we have seen a very shady way of how some people are hacking laptops to take advantage of their processing power to mine these cryptocurrencies. Pirate Bay and Showmax websites were found to be mining cryptocurrency without the knowledge of customers and the same case happened here locally with NairobiWire website. […]
[…] the article, I wrote regarding Kenya’s Nairobi Wire being caught mining cryptocurrency using the visitor’s CPU, the company responded to us via Twitter and explained that the script was unauthorized and that […]
[…] since browser crypto mining has gone viral thanks to the reports about Pirate Bay, Showtime and other websites in Kenya. In the last three weeks, AdGuard found out that there are other CoinHive clones like JSEcoin, […]
[…] September, we started seeing reports of websites like Pirate Bay and some Kenyan ones that contained scripts of a browser based miner called Coin Hive like. This miner harnessed the […]
[…] In this age where we have seen a gold rush in mining the various cryptocurrencies for profit, there has been a trend to jack unsuspecting users laptops for crypto mining. […]
Comments are closed.