BlackBerry Mobile Site Infected with Coinhive Cryptocurrency Miner
Reports have surfaced that the BlackBerry Mobile website has been compromised with the Coinhive cryptocurrency miner, a malicious software that utilizes visitors’ CPU processing power to mine for the Monero virtual currency.
Discovery and Response
A vigilant Reddit user identified the code on the global www.blackberrymobile.com site, which is owned by TCL Communication Technology Holding. It is important to note that redirect sites for specific countries and properties directly owned by BlackBerry Ltd are not affected by this infection.
Although TCL has not issued a public statement regarding the incident, Coinhive did acknowledge the situation on the Reddit thread. The company stated that the website appears to have been compromised by cybercriminals targeting Monero virtual currency. This event adds to a string of recent attacks, including the insertion of miners into premium websites and digital ads.
Responding to the issue, Coinhive expressed regret over the misuse of its service and promptly terminated the account responsible for violating its terms of service. The company attributed the breach to a security flaw in the Magento webshop software.
Web-Based Mining Trend
Coinhive, launched in September, offers website owners an alternative revenue stream through cryptocurrency mining. By embedding scripts into web pages, visitors unknowingly contribute their computing power to mine for Monero, providing a means for website monetization. This method has gained traction, with a growing number of mobile apps incorporating cryptocurrency mining code, as reported by Symantec.
Ethical Concerns
Despite its popularity, web-based mining is not without controversy. The business model raises ethical questions, particularly regarding transparency and user consent. Websites like The Pirate Bay have faced criticism for implementing mining without disclosure to visitors.
Symantec highlighted the potential risks associated with secret mining, emphasizing the importance of proper throttling to prevent excessive CPU usage. Without adequate controls, users may experience performance issues, alerting them to the covert mining activity.
In conclusion, the infiltration of the Coinhive cryptocurrency miner on the BlackBerry Mobile site underscores the ongoing challenges posed by cybercriminals exploiting website vulnerabilities for financial gain. As the prevalence of web-based mining continues to rise, vigilance and transparency are essential to safeguarding user experience and maintaining ethical standards in online monetization.