Memeburn Has 'Unintentionally' Been Mining Cryptocurrencies From Their Website Visitors' Computers

Earlier on 20 September 2017 Memeburn, a website that focusses on everything digital in emerging markets, shut down its website after a user complained of high CPU usage when visiting their website. It turned out that Memeburn had been running a Coin Hive script to mine cryptocurrencies off their website visitors' computers.

What has made this incident a concern is that people visiting Memeburn were not alerted nor asked for permission on whether they consent to have Memeburn use their computers to mine cryptocurrencies.

Memeburn Facebook Message
Memeburn Facebook message, 20 September 2017.

Also interesting is that Memeburn was alerted to the problem on 18 September 2017 but only acted and removed the script two days later.

"On Monday, we received an email from a user reporting high CPU usage when visiting Memeburn. We weren't aware of the script's existence until [a] deeper investigation was undertaken this morning [20 September 2017]. We have temporarily ceased access to Memeburn while we resolve the issue," explained Andy Walker, Editor at Memeburn, to iAfrikan in a statement.

Walker couldn't answer any further questions as he explained that the investigation into how the script found its way on their website is ongoing.

"The investigation is ongoing, but more information will be made available in due course," said Walker.

How It Works

Coinhive offers a JavaScript miner for the Monero Blockchain. Website administrators can embed the JavaScript code in their website after they sign up for an account. Once registered, a public site key and a private secret key are generated.

Coinhive
Some of Coinhive's use cases.

Once the keys are generated, the website's developer, or anyone with the rights to update and publish the website theme/template, has to manually specify the site key for all client-side operations in the browser (i.e. include it in the website's code so that it loads everytime a user visits the website). There are several use-cases for an in-browser cryptocurrency mining script like Coinhive, and one of them is providing an Ad-free experience for visitors of digital publications, like Memeburn, while monetizing the publication.

Unintentionally

Thus far, Memeburn has said that they didn't know of Coinhive's existence on their site as it was 'unintentional'.

As detailed above, for the script to be enabled on Memeburn someone with permissions to update the Memeburn website code would need to embed it and furthermore the person would also likely have registered an account with Coinhive too. There is, however, another scenario, where it could be argued that the script was inserted as part of another unrelated plugin (e.g. if they run WordPress as their CMS). This scenario however also raises concerns around whether or not Memeburn checks their website code before publishing it as it could then in some cases contain yet undiscovered malware.

Coin Hive Website
Coin Hive Website.

At the time of publishing Memeburn's website was up again with the Coinhive embedded script removed. Walker has promised to get back to iAfrikan once the internal investigation is concluded.

"We apologize for any inconvinience caused," concluded Walker.

Comments