Gridcash

October 9, 2018

Cryptojacking is a more insidious, and less obvious, method used to make money from a website’s visitors.

With the boom in Bitcoin, Ethereum and other cryptocurrencies throughout 2017 and early 2018, “mining” for these cryptocurrencies became rather popular.

The basic premise surrounding cryptocurrencies is relatively simple: cryptocurrencies use algorithms to “solve” transactions contained in a large file called a public ledger. In exchange for providing your computing power, you are rewarded a small amount of cryptocurrency as a reward.

This process is known as “mining”, and requires some specialised hardware in order for the process to be cost effective. An Application Specific Integrated Circuit (ASIC) miner would mine cryptocurrencies relatively efficiently, but would set you back at least R10 000 each. Many cryptominers resorted to graphics processors to do the heavy computational lifting required to mine cryptocurrencies, building mining-specific computers containing as many as eight of these graphics cards.

In addition to the capital costs, the mining process draws a lot of power, and a major portion of cryptocurrency mining profits is spent on the running expenses, including power.

But what if you could circumvent using your own processors or electricity in order to mine cryptocurrency?

This is exactly what at least one misinformation website, www.breeknuusza.co.za, did. The site is linked to the same owner of the HIN News website, which a News24 investigation found was created by Elvis Udofia.

When first encountering the website, it was peculiar to note the lack of overt advertising on the site. The content of the site wasn’t political in nature, and it was hard to understand why its owners would go through the effort of maintaining the site without any reward.

But the source code of the website contained some clues. The website contained a snippet of code that mined cryptocurrency in the background while you are visiting the site. This only became evident when the laptop used during the investgation heated up as a result of the mining conducted in the background.

The code itself was cleverly hidden on a sidebar area of the website, using a block that was 0 pixels wide, rendering it effectively invisible.

The code was identified as a utility called Gridcash, which enables a website to use the processing power of visitors to the website in order to mine cryptocurrency. This is done without a user’s knowledge or consent.

At any given moment, a computer’s processor is operating at only a fraction of its full capacity. Gridcash, and other similiar programs, hijack this “free” processing power to mine cryptocurrency in the background, in a process also known as “cryptojacking”.

This places additional strain on that user’s computer, increases the heat and noise it generates and will inevitably result in decreased lifespan of the hardware inside the computer. In addition to this, the user will also be required to pay for the increased power usage while the website was mining away in the background.

Although the mining capability per visitor is tiny compared to a dedicated cryptocurrency rig, the sheer volume of visitors compensates for the lower processing power. It also has the added benefit of not requiring you to pay for expensive mining hardware or power bills.