Popular Streaming Sites Secretly Mine Cryptocurrency

Very popular video-streaming sites, some with nearly a billion monthly visitors, have been secretly using the resources from visitors’ devices to mine for the cryptocurrency Monero.

According to security experts at AdGuard, the four sites involved in the crypto-jacking schemes are Openload, Streamango, Rapidvideo and OnlineVideoConverter. Those sites are raking in outrageous amounts of money while visitors are busy streaming or converting videos.

“While analysing the first complaints, we came across several very popular websites that secretly use the resources of users' devices for cryptocurrency mining and were avoiding ad blockers so far,” AdGuard explained. 

“According to SimilarWeb, these four sites register 992 million visits monthly. And the total monthly earnings from crypto-jacking, taking into account the current Monero rate, can reach $326,000.”

Regarding the three video streaming sites, AdGuard said, “We doubt that all the owners of these sites are aware that the hidden mining has been built in to these players.”

Nevertheless, as visitors spend hours watching movies or TV shows, their devices’ CPUs are busy mining cryptocurrency for whomever added the mining scripts.

Crypto-jacking via Openload, Streamango, Rapidvideo and OnlineVideoConverter

AdGuard discovered two Openload domains secretly mining for Monero without users’ knowledge or consent. Openload, one of the most popular streaming sites, has an estimated 330 million visitors per month.  Videos from Openload are often embedded on other sites and, in many cases, the mining script loads when videos are launched. AdGuard estimated that the monthly earnings reach $95,000.

The crypto-jacking on Streamango starts when the embedded player is loaded. The site gets 42 million visits per month, and monthly mining earning could reach about $7,200. The mining script in the Streamango player is the exact same one being used on Openload.

Like the other two streaming sites, the Coin Hive mining code on Rapidvideo starts when loading the embedded player. The site gets an estimated 60 million visits per month, and estimated earnings, including Coin-Have’s commission, may reach an estimated $25,000.

OnlineVideoConverter, according to AdGuard, “holds the absolute record among crypto-jackers at the moment.” SimilarWeb data ranks the site as being the 119th most popular website in the world. 

It receives nearly 490 million visitors per month, almost twice the number of visitors of ThePirateBay, which was the first big site caught hijacking users’ CPU power to secretly mine Monero. Including Crypto-Loot’s commission, AdGuard estimated monthly mining earnings at $200,000.

ThePirateBay incident occurred in September. Since then, thousands of websites have turned to mining to supplement plummeting advertising revenues. Some sites added the mining scripts, while others were hacked to add the mining code.

CSO

YouMight Also Read: 

Bitcoin Developer Says Cryptocurrency Has Failed:

Mining Bitcoin Just Halved:
 

« Very Few Women Are CISOs
Iranian Hackers Have Infiltrated US Infrastructure »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DeviceLock

DeviceLock

DeviceLock is a leading provider of endpoint device/port control and data leak prevention software.

QASymphony

QASymphony

QASymphony software testing and QA tools help companies create better software by improving speed, efficiency and collaboration during the testing lifecycle.

6cure

6cure

The 6cure Threat Protection solution eliminates malicious traffic to critical services in real time and protects against DDoS attacks.

SCIPP International

SCIPP International

SCIPP’s courses are based on internationally recognized best business practices for security awareness, for both technical and non-technical staff and to comply with regulatory mandates.

Vysk Communications

Vysk Communications

Vysk is an award-winning mobile security firm that has developed the world’s most secure system for voice communication.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

Intrinium

Intrinium

Intrinium is an Information Technology and Security Solutions company, providing comprehensive consulting and managed services to businesses of all sizes.

Cythereal

Cythereal

Cythereal is the leader in predicting and preventing advanced malware attacks. Security Automation for the Overwhelmed Administrator.

Stone Forest IT (SFIT)

Stone Forest IT (SFIT)

Stone Forest IT specialises in providing advisory, implementation and managed services for IT infrastructure, IT security solutions, business applications (ERP and CRM) and business analytical tools.

Blumira

Blumira

Blumira provides comprehensive, hybrid cloud security monitoring and reporting for organizations of all sizes, enabling them to detect and respond to cloud security threats quickly and effectively.

V2X

V2X

V2X delivers IT support, networking, and cybersecurity solutions that ensure optimal mission support and performance.

Emantra

Emantra

Emantra specialises in the enablement of Secure Cloud services through it’s comprehensive Sovereign Cloud Hosting, Secure Access Service Edge, and managed services.

Replica

Replica

Replica creates authentic virtual environments that ensure identities and assets are always protected no matter where or what work needs to get done.

Hive Systems

Hive Systems

Hive Systems specialize in tailored solutions that unify risk assessments, IT, security awareness, and cybersecurity operations for businesses of all sizes.

BestDefense

BestDefense

BestDefense offers proactive cybersecurity solutions that adapt in real-time to outpace evolving threats and ensure resilient protection for your critical assets.