The latest nasty security scourge plaguing the internet is cryptojacking. By running hidden code on a seemingly ordinary webpage, hackers and disreputable webmasters can highjack your CPU’s processing power in order to mine cryptocurrency, line their own pockets, and kill your performance. Opera is now the first web browser with a built-in tool to fight off this practice—and hopefully it won’t be the last.
Ever since a company called Coinhive emerged back in September, cryptojacking has spread to thousands of websites. Coinhive offers site developers a way to make a little extra crypto cash with a simple script that they can embed in the code of their webpages. When a user navigates to the website, the portion of their CPUs capacity that isn’t being used will suddenly be used to crunch complex mathematical formulas that generate new cryptocurrency. In Coinhive’s case, the script generates a cryptocurrency called Monero. Coinhive’s documentation explicitly advises developers that it’s their responsibility inform users about what is happening. It’s just the right thing to do when the downside for visitors includes jacked up electric bills, slower processors, worn out fans, and drained batteries. Over the last few months, we’ve seen cryptojacking occurrences in everything from Starbucks wi-fi to apps in the Google Play store.
To help fight this problem, Opera announced built-in cryptocurrency mining protection in the release notes for the latest beta of its web browser. We’ve previously given you some tips for blocking Coinhive’s code, but that’s just one script that bad actors are using. Right now, blocking cryptojacking code works much like adblocking. Adblockers use a list of known ad networks and prevent advertisements from being served from them. Opera’s announcement doesn’t say how it’s approaching the problem or what miners it’s blocking at the moment, but we’ve reached out to ask how the new feature works and we’ll update this post when we receive a reply.
Some good-natured developers have worked on releasing extensions to prevent cryptojacking, but in the long run, that isn’t going to be very effective. We need browser companies that have the resources to track new occurrences and update their software over time. Currently, Opera’s the only one doing it, so it might be a good time to give it a try. Digital Trends just gave it high rankings in its best browsers list last week. I can tell you that I was inspired to try it earlier this year after Motherboard recommended the latest version. I thought it was a solid alternative to Chrome with great performance, but I’m a creature of habit and needed to go back to my old interface. It’d be nice to see this feature on all the browsers out there.
Another important point about Opera’s implementation is that it’s optional. What sucks about cryptojacking is that it was originally intended to be an option for sites to honestly make a little extra dough without advertising or subscriptions. The Pirate Bay first tested it out as a way to get rid of their horrible porn ads, but they broke the cardinal rule of using the tool—they didn’t clearly inform users that it was happening. And despite last week’s big cryptocurrency crash, the markets are climbing back up again, with Bitcoin hitting $16,000 (nearly £12,000) on Tuesday. There’s just too much incentive right now for this practice to be abused by jerks.