How to block Bitcoin Mining ter your browser

Bitcoin mining can be profitable, and that is likely the reason why wij have seen desktop miners and now also browser miners being shoved on to user devices.

The Piratebay experimented with running a Bitcoin miner instead of ads recently, and created fairly the uproar spil users embarked to notice that the fresh monetization method would yank up CPU usage to 100%.

An update of the Google Chrome extension SafeBrowse integrated a JavaScript miner spil well ter the extension, and led to the removal of the extension from Google’s Chrome Web Store.

Any webpagina you visit te the browser, and any browser extension, may run Bitcoin mining operations. While it seems very unlikely that popular or user respecting sites or extensions will do that, it seems likely that thesis very first incidents were just the very first wave of mining operations to come.

Rekentuig users have a duo of options when it comes to protecting their devices against browser-based Bitcoin mining.

While it is certainly possible to use content blocking extensions to prevent mining scripts to run te very first place on sites, thesis usually won’t block extension-based mining.

Most likely the best option right now is to block known Bitcoin mining domains. One of the better options to do that is to add thesis to the hosts opstopping of the operating system so that thesis domains redirect to localhost.

The effect is that sites and extensions won’t be able to voeling thesis domains anymore because of the redirect. Downside is that you need to add fresh domains and modify existing ones if the need arises by hand.

Windows users need to do the following to add Bitcoin mining domains to the hosts opstopping:

  1. Open Explorer or another verkeersopstopping manager on the system, and go to C:\Windows\System32\drivers\etc.
  2. Open the verkeersopstopping hosts te a plain text editor, for example Notepad.
  3. Add the line 0.0.0.0 coin-hive.com to the end of the document. Make sure you press the Tab-key after injecting the IP address 0.0.0.0.
  4. Save the document.

What this does is redirect any request to coin-hive.com to the IP address 0.0.0.0 (the local device).

Spil Ghacks reader Linuxfan mentioned, the line mentioned above blocks only coin-hive.com but not any subdomain such spil www.coin-hive.com. So, you may need to add thesis variants if they are used spil well to the hosts verkeersopstopping.

Peak: On Linux, you can run sudo nano /etc/hosts, on Mac OS X, sudo nano /private/etc/hosts. Substitute nano with whatever editor you favor.

This takes care of Bitcoin mining scripts hosted by coin-hive.com, the service that both the Pirate Bay and the Chrome extension used. Note that this won’t take into account self-hosted scripts. You need to add those separately to the hosts opstopping to block them spil well.

Another option that you have is to disable JavaScript on thesis sites. This may not be possible all the time, spil sites may require JavaScript for some or all of functionality, but Bitcoin miners based on JavaScript cannot run if JavaScript is disabled.

Check out thesis resources for extra information on the hosts opstopping:

Now You: Do you use the hosts verkeersopstopping to block online resources?

About Martin Brinkmann

Martin Brinkmann is a reporter from Germany who founded Ghacks Technology News Back ter 2005. He is sultry about all things tech and knows the Internet and computers like the back of his forearm.

You are here: Huis >, Internet >, How to block Bitcoin Mining te your browser

Responses to How to block Bitcoin Mining te your browser

I toevluchthaven’t however of using host opstopping to block this nasty thing, I mainly use host opstopping to be able to use Photoshop^^,mainly Ublock Origin+Umatrix.

Sad to see Piratebay using miner too ,'(

Host files can only block immobile ip addresses. Some websites are sneaky and generate random script names from numerous random domain names. To block this, you need a blocker that analyseren mining patterns te scripts, not just block the host. I use Mineblock which does just that https://mineblock.org

Done. CPU says “Thanks” and I agree.

“Make sure you press the Tab-key after coming in the IP address 0.0.0.0.” : a plain space is enough.

Martin, this rule works. However, one should be aware of the shortcomings of using a hosts verkeersopstopping: It only blocks *exactly* what’s added ter that opstopping. Hence, a rule like

does *not* block, e.g.,

This is exactly the reason why a rule like

is not sufficient but literally hundreds of rules are necessary to voorkant all variants of doubleclick. And wildcards or placeholders are not permitted ter a hosts verkeersopstopping! See also the remarks on https://wiki.ubuntuusers.den/hosts/#IP-Adressen-umleiten.

So a better solution is undoubtedly using uBlock Origin’s Dynamic Filtering or uMatrix spil they make sure that all relevant sub-domains are also blocked.

You are right, thanks. I add that to the guide to make it clearer

Just use Easyprivacy tracking list, it’s presently blocking this domain.

Thank You! Very much appreciate what you do.

Actually witnessed two entries for mining domains.

And. people got to TPB with javascript enabled? That’s friggin scary! What with the miner, redirects and Heerser knows what else. Will not be saddened when they get shut down, next time, again. SMH!

it’s not a bitcoin miner, but a monero one instead.

you never mentioned it te the article.

monero is based on cryptonote whose proof-of-work algorithm is designed to be suitable for ordinary PC CPUs

There wasgoed an article posted on BetaNews last night regarding how to add a filterzakje to the Adblock Plus extension te your browser to protect against the Bitcoin hijack spil well.

I followed the elementary instructions and added the filterzakje. I’d be interested to see what you and the ghacks community thinks about this.

Here is another way to do it.

Add this to your Adblock or uBlock filterzakje.

ter uBlock, should thesis be added to the tabulator My filters or to the tabulator My rules?

uBlock blocked them by default. No need to add

You can subscribe to this list with ublock or adblock.

Has all the above urls.

NoScript blocks coin-hive.com. However it certainly won’t hurt to add it to the host verkeersopstopping.

I checked uBlock and it blocked thosed url by default. No need to use Adblock Plus

While rules for content blockers are fine if websites include undesirable third-party scripts, things work differently if that code is included ter an extension. No content blocker will be able to affect this, at least once you’re past the point of using a legacy Firefox extension.

You’re left with doing this on an OS scale and not a browser scale. However, there are no effortless built-in contraptions for this purpose, spil both the hosts opstopping and the Windows Firewall do not permit wildcards spil you would want to use them. The best you can do is block entire IP subnets ter the firewall, but that’s unlikely to be a good solution.

Te the end my suggestion would be to run a local DNS server, which makes blocking this zuigeling of thing child’s play (but also a loterijlot more work to set up and maintain). Te case you’re using the default DHCP settings when connected to your local network, you’re often already using a local DNS server courtesy of your router without even knowing it. To get the most out of a local DNS server you will need more than that however, my suggestion would be OpenDNS which uses an “implied wildcard” system, where a blocked entry “domain.netwerken” would work spil *.domain.nipt and thus block both domain.nipt itself but also any subdomain. Like mentioned, this takes time, practice and chance to set up, but a local DNS server can have some minor spectacle advantages and te this case it would also permit you to block certain domains for the entire local network.

Just use this filterzakje list with uBlock Origin (or AdBlock Plus).

Thank you for the listig to the nocoin list. I wasgoed able to invoer it directly from the interweb into Opera’s built ter adblocker. And so Opera will check and update it for mij.

Kaspersky is detecting and blocking it spil malware.

This coin-hive.com webstek is already included te Steven Black’s hosts opstopping – among other 38 thousand undesirable websites: https://github.com/StevenBlack/hosts/blob/master/readme.md

Recommended! It blocks all kinds of adware, malware, ad servers, etc.

A quick question: I see that you’re blocking IPV6 and localhost spil well. any particular reason? My ISP doesn’t provide IPV6, however, the Apple Airport Extreme (5th Gen) gets mij into some trouble now and then. 🙁

localhost is supposed to resolve to 127.0.0.1/::1

I’m ter trouble and would appreciate lay-language advice on digging myself out of it.

HOW UN-TECHY GHACKS FOLLOWERS CAN STRAY INTO A BOG

I download webcams with Jaksta and, for one particular type (nest.com), have to use Edge browser spil no other browser (FF, Chrome, Opera, IE) will let it download. I need to auto-refresh periodically ter order to keep rivulets going but Edge has no extension for it, so I’ve bot using RefreshThing.com to do the job.

That wasgoed OK-ish until a few days ago, when Malwarebytes commencing popping up blocking notices one after the other ter quick succession, all of them variants of coin-hive.com, and the only way to zekering them (trial and error, I have Trio browsers and geysers of tabs open) wasgoed to close RefreshThing down.

A comment on Martin’s timely article led mij to add this filterzakje to AdBlockPlus ter Edge: https://github.com/hoshsadiq/adblock-nocoin-list/ . since when all fresh tabs became unresponsive, including the AdBlock ‘disable list’, so AdBlock has bot uninstalled. and now I can’t reinstall it because MS Store thinks I’m offline and I can’t fix that.

Inconvenient, to say the least, spil well spil embarrassing.

upon hearing of THB running the Coin Hive script, i had much the same reaction spil most of you here – i spotted it spil outright malware – but upon further thought and READING the docs on coin-hive.com, including their privacy policy (which is very strong) and goals, i have reached a very different conclusion

i think JS crypto-mining is potentially a gigantic game-changer and an excellent way to monetize a webpagina *spil long spil it’s introduced spil an opt-IN solution*

this could be a superb way to declutter the interwebs of much of the annoying ads and having to beg for donations and it costs the average visitor essentially nothing spil long spil you don’t hog their CPU

the problem right now is that greedy, unethical, self-serving morons are implementing such mining scripts without everzwijn notifying the user – te the case of Coin Hive, they are working to combat this nonsense by making it difficult/unlikely for their script to run unless consent is given and i like this ethic

think of this tech not spil malware, but spil a SOLUTION to making the web a cleaner place ter many ways – think of all the garbage content, besides ads, that is written solely with monetization te mind, tracking linksom, affiliate linksaf, etc., etc., etc.

wouldn’t it be good to see a loterijlot of this garbage vanish?

some quotes from Coin Hive.

” Our aim wasgoed to suggest a viable alternative to intrusive and annoying ads that litter so many websites today. Thesis ads are not only a distraction to end users, but also provide notoriously unpredictable and non-transparent revenue numbers. Wij set out to switch that.

We’re a bit saddened to see that some of our customers integrate Coinhive into their pages without disclosing to their users what’s going on, let alone asking for their permission. Wij believe there’s so much more potential for our solution, but wij have to be respectful to our end users.

It’s very likely too late to do anything about the adblockers that already prevent our current JavaScript from loading. Instead, wij will concentrate on a fresh implementation that requires an explicit opt-in from the end user to run. Wij will verify this opt-in on our servers and will implement it ter a way that it can not be circumvented. Wij will pledge to keep the opt-in te tact at all times, without exceptions.”

and from their privacy policy.

“Wij do not track users. Wij do not use cookies. Wij do not use any third party tracking (Google Analytics, Piwik, …).”

for more, visit coin-hive.com and read their blog, privacy policy, etc.

i also wrote a geschreven blog postbode about this here:

The Pirate Bay and its cryptocurrency mining script – why this might be the best thing since DOOM

Fine article,thanks a loterijlot. Seems lately, many webstek’s embark’s using Monero miners. Some of the sites warn’s when you visit, some not. Lazy people looking for every possible way to make some money behind screens.

You can also use the excellent Mineblock : https://mineblock.org

Leave a Reply Click here to cancel reply.

About Ghacks

Information

Authors

©, 2017 gHacks Technology News. All Rights Reserved.

Get via App Store Read this postbode ter our app!

What is the standard protocol for pools/miners?

The Bitcoin client protocol is well documented ter the Bitcoin Wiki, but I can’t find much on the protocol used by pools and miners. Is it described anywhere?

1 Reaction

When there were no pools, all of the very first mining clients interfaced directly with Bitcoin. They connected to Bitcoin’s JSON-RPC interface and used the getwork RPC method to get the required work. Getting work from a pool is the same spil getting work from Bitcoin. The client connects to the pool overheen HTTP, often using the same HTTP authentication that Bitcoin’s JSON-RPC interface uses, the client sends a JSON-RPC getwork message, and the pool sends back a JSON-RPC getwork response.

Many pools nowadays support some extensions to the getwork protocol that Bitcoin does not.

Related movie: #1 Lesson I Learned Investing ter Cryptocurrencies like Bitcoin, Ethereum, and Dash


Leave a Reply

Your email address will not be published. Required fields are marked *