What is the CoinHive hack?

What is the CoinHive hack?
datum-geschreven 12 Sep 2023

CoinHive is a script written in Java. Nothing wrong with that.
This script makes it possible to “mine” Cryptocurrency which you can convert into real money.

Mining is done by having a computer’s CPU or GPU perform calculations.
In short, mining is not free and therefore costs power and computing power of a computer.

The CoinHive is illegally used by hackers

Where it goes wrong is if hackers can get the script into your website.
Then there are several options:

  1. The script prompts the server to calculate Cryptocurrencies
  2. The script puts the visitor’s computer to work for the calculation (Mining) of cryptocurrencies

And that is of course a crime. But very lucrative for the hacker.
Imagine being able to put 10, 20 or even 100 computers to work to calculate Cryptocurrencies.

How can a hacker insert a CoinHive into your website unnoticed?

There are several ways to do that. We will not discuss them in detail, but give some examples that have been known for years.

  1. Via a leak in your website, such as a leak in a plugin, a theme or in WordPress itself.
  2. By offering a pricey plugin “for free”, with the CoinHive code inside.

Don’t you notice that CoinHive is in your website?

No, a hacker changes the code every time so that the server and security do not recognize it. There are also various methods to make this unreadable.

When you notice.. you’re too late.

A block in Google

That’s when Google blocks your website because “your website is infected with Malware“. That is a collective name that Google uses to indicate that there are hacks in your website.

Antivirus Software Blacklisting

Antivirus software such as Northon, Kasperski, AVG, McAffee will detect the CoinHive on the visitor’s computer, which ensures that the website is blacklisted by the antivirus software after several reports.
Visitors with that antivirus software are then stopped from visiting your website or receive a notification when they visit your website.
This also shows the importance of good antivirus on your PC or laptop!!

Prevent CoinHive hack from entering your website

Make sure your plugins and theme + WordPress are up to date. If a leak is known, the developers often provide an appropriate security update. So you have to make those updates regularly.

Make sure that hackers’ common tricks and hack scripts don’t work on your website. You do this by installing and properly setting up a security plugin.

What if you already have a CoinHive hack in your website?

Then you can approach us, we have the experience and expertise to fully remove the hacks.
Not only removing the hacks is a necessity, but by fixing the leaks and the backdoors we ensure that the CoinHive hack cannot come back.

De meeste artikelen worden geschreven door Mathieu Scholtes, de eigenaar van WPBeveiligen. Op de hoogte blijven van het laatste WordPress nieuws? WordPress tips? WordPress aanbiedingen?
Connect dan op Linked-in!

Heb je een vraag? Tip of gedachte? Deel die!

Breng me op de hoogte
0 Reacties
Inline Feedbacks
Bekijk alle reacties