US regulator calls on people to report cryptojacking

The US regulator FTC has placed an appeal asking people to report cryptojacking. This phenomenon occurs if, for example, a site uses the CPU of visitors to mine cryptocurrencies.

In the call, the watchdog writes that the devices of victims can become slower, consume more energy and possibly also crash. If people have the impression that they are dealing with cryptojacking, they can report it on the FTC’s site. Judging by the form, that opportunity is open to everyone, not just US citizens. The regulator also gives general tips, such as the use of certain browser extensions that can provide protection. Many adblockers also block cryptominers, which are usually written in javascript.

Security researcher Troy Mursch, who is heavily involved in the phenomenon, tells Bleeping Computer that this is the first time a US government organization has mentioned cryptojacking. He therefore believes that this is a ‘historic moment’. Cryptojacking became popular last year after a company called Coinhive released a javascript miner for the cryptocurrency Monero. It is easy to integrate into sites.

Later, malware would also make use of this technique. Coinhive also came up with a variant where visitors to websites must first give permission before their CPU is used for mining, but it turned out that this is little used. Coinhive’s scripts that do not ask for permission have been found on many sites, for example an Albert Heijn promotion site, a paid streaming site and government sites in the US and UK, among others. Over time, many Coinhive clones have emerged.