AirAsia’s Sites Were Mining Cryptocurrency From Visitor’s CPUs—5 Crucial Questions Answered

Yesterday, Lowyat.net reported on a suspicious script found on AirAsia BIG Prepaid’s siteand Tuneprotect.com.

According to the reports, the Coinhive script allows the sits to use CPU power from visiting computers to mine cryptocurrency.

You’ve probably already heard of Bitcoin, and might have even considered mining it to make some money. However, mining Bitcoin requires a specially designed rig to be profitable.

Coinhive on the other hand mines the cryptocurrency known as Monero. Monero is often touted as a more anonymous version of Bitcoin because you can purchase it offline with cash.

When using the Coinhive script, thirty percent of the proceeds go to Coinhive, whereas the sites who run it usually get the rest. One site known for running this script is the notorious torrent site, The Pirate Bay.

Coinhive actually sells itself as an alternative to banner advertising, and late last month claimed to be taking measures to ask site visitors for permission before mining their CPU.

Looking at the website codes today revealed that Tuneprotect.com now has a checker in place to prevent the Coinhive script from being reinserted or reactivated.

AirAsia BIG Prepaid has cleaned up everything and appears to be functioning as normal.

From the initial reports, it’s very likely that there was a loophole in the websites that allowed the script to be injected in (our tech lead also confirmed that this is the most likely theory), without the knowledge of the website’s owners.

However, even as the problem seems to have been fixed for now, there are still some questions raised that we’re addressing below.

1. Do scripts like Coinhive harm my computer?

Yes and no. Coinhive itself isn’t necessarily malware. It also depends on how much of your computer’s processing power ends up being used by the script.

Some of them have been set to use all of the visitor’s unused processing power. On The Pirate Bay, they set it to use 20 to 30 percent of a visitor’s CPU power and only ran in the tabs where the website was open.

However, as noted by Vice, even a 20 to 30 percent of usage increase can cause a computer to slow down or crash.

If you really object to having your CPU used in such a manner, there are Chrome extensions you can install like No Coin Extension or MinerBlock Extension that you can install. Or, if you’re on Firefox, you can use JavaScript-blocker extensions like NoScript.

2. Is this why every time I try to make a booking on AirAsia, it’s slow?

In this case, the answer is a no. The delays you face when you’re booking are more likely because of the servers being overloaded by all the people flooding in for those sweet, sweet deals.

3. Was my data compromised?

According to a statement released by Razman Hafidz Abu Zarim, Group CEO, Tune Protect Group Berhad, “We would like to assure our customers that we take their privacy seriously and have strong controls in place to protect their data. There are no personal data nor information breaches from this issue.”

It’s unlikely that this particular script caused any data breaches, as Coinhive is in itself, not considered “malware” of that sort.

4. Is this illegal?

In 2013, a project by MIT students named TidBit, that would allow websites to generate revenue by using visitor’s processing power to mine for Bitcoin, was shut down by court order. The ruling was that the use of a person’s CPU power to mine cryptocurrencies without consent is considered gaining access to that person’s computer.

We’ve had no other precedents in Malaysia, but that leads us to the next question.

5. It this ethical?

The Coinhive script was probably put into the code on the AirAsia websites secretly, but even websites like The Pirate Bay (who don’t sit very high on the “legal” scale of things) got some users riled up when they trialled using Coinhive to mine cryptocurrency.

It all boils down to one word: consent.

Not everyone would want their CPU to be used to such things, but not everyone minds either. In fact, when The Pirate Bay polled its users, many of them were open to this, as opposed to being showed ads. But, they wanted to be notified when their computers were being used.

###

The Coinhive script may have been inserted into those two sites illicitly, but it’s not too much of a far cry to say we may see more of this happening here soon.

As traditional forms of advertising continue to spin around trying to find new ways to reach an audience, some sites might decide to do away with that altogether and embrace this method as a stream of revenue instead.

As users, what we can only hope for is that we at least get a say of some sort in which way our “free” resources on the internet can keep supporting themselves—be it through ad revenue or through methods like this.