Cryptocurrency Insurance: The Missing Answer to Cryptojacking
The growing interest in cryptocurrencies is generating a surge of traffic and popular sites are being hijacked to mine cryptocurrency. Scripts are being planted in popular sites where browsing is heavy and the resources are being used to mine as users browse. It’s been reported that these sites are collectively receiving half a billion visitors each month. The method has been coined as cryptojacking. Instead of having to plant a software on a user’s computer, this technique manipulates Javascript to begin working the moment you visit a compromised site. Aside from the wear and tear on hardware and the depletion of resources, this technique can leave machines unstable, not to mention the obvious security and privacy vulnerabilities. It’s also not obvious when you have been compromised unless you’re monitoring CPU usage and hardware temperatures.
The irony is that the origin of cryptojacking began as a productive tool for good cause, one that could remedy atrocious web ads with a proper revenue model and avoid the security concerns of ads themselves. It also offered the ability to raise funds for charities and non-profit organizations, as some other currencies have been used.
The concept of cryptojacking originated a few months ago when a company called Coinhive released a script that would mine Moneros whenever web page was loaded. The torrenting site Pirate Bay used it to raise funds and soon enough Coinhive copycats started emerging. Popular mainstream, high-volume sites eventually realized that their sites had scripts injected into them by hackers who were mining off their traffic. Pirate Bay being one of the early adopters, asked and persuaded their users that the concept was worth considering as opposed to receiving ads and instead divvying CPU resources to compensate.
There are plenty of sites that use malicious scripts to send malware and redirect traffic to specific sites. With cryptocurrency emerging, there has been plenty of theft of digital financial assets. But now the concern is posed that, in addition to wallets, there is also a danger of your site being hijacked to develop currency. And the driving issue is that there is no choice in the matter, there is no opt-in or opt-out. In response, Coinhive created a different version naming it AuthedMine. It would prompt user permission to use the browser to generate Monero currency. It’s a commendable response to correct the issue but the fact that Coinhive script is widely available and being shared makes it a very difficult attempt at damage control. It’s ability to cause serious issues for companies and organizations is stark.
Even amidst its viral usage, experts believe a technology evolution can address some of the abuse and inherent flaws and perhaps reverse some of the negative associations that have occurred. And at the same time, there will also be those who exploit the technology and evolve it to make it less difficult to detect. In the end, the cryptocurrency space is layered and complex. Disruptive, new technologies are entering the market and players on every level are in a frenzy to participate or at least benefit from the wave. Without defined policies and legal protections, cryptocurrency mining and trading are still high-risk financial moves, compared to traditional capital markets. The cryptocurrency market is missing the robust insurance protections that are found in other trading and currency exchange environments.