EveryoneDigital

Everything Between Tech and Web.

  • Home
  • Internet
    • Business
  • Technology
  • Mobile
    • Apps
  • Windows
  • About
  • Contact Us

Preventive Steps if Coinhive Crypto-Mining Script Infects Your Website

Author: Sam   Last updated on: May 19, 2024    17 Comments  

If you own a popular website or blog, you would have definitely heard about Cryptojacking. It has been one of the most serious threats that emerged, affecting even the commonest people around. There are actually two sides to this problem of Cryptojacking, depending on how this thing is implemented. It’s kind of okay if you, the website owner, inserted the Crypto-Mining script into your website so that you can earn bit of revenue without using ads. At the same time, it’s a huge violation of your privacy policy and the respect you have for your visitors. That having said, things are obviously different if you didn’t insert the code.

Well, as strange as it might sound, some hackers might have got into your website and inserted the Crypto-Mining code into it. I mean, just think of it: hackers find it an awesome way to have constant revenue, which increases according to the number of visitors your website has. Now, this is not really good for your privacy, health of your website or the overall reputation. It also means that you no longer have complete control on your website. In other words, it is the right time to remove the Cryptojacking script from the website and to take some preventive steps.

We do understand that some of you might not understand the concept of Cryptojacking. So, it makes sense to start with an introduction to Cryptojacking and Coinhive and then move onto the possible solutions.

Cryptojacking and Coinhive – an Introduction

In the simplest terms, Cryptojacking happens when an attacker hijacks a user’s browser and uses their CPU resources for mining cryptocurrencies. Since the process of Bitcoin mining is impractical, the resources are used to mine lightweight ones like Monero. Anyway, chances are, the computers of the infected users would become incredibly slow, especially in some cases. If you are the one who put up the Cryptojacking code, you will receive the mined Monero coins, but that’s not the case.

You should also know about Coinhive before proceeding further. Coinhive was the first solution for utilizing visitors’ CPU resources for cryptocurrency mining. As you can guess, the method was launched as an effective alternative to annoying advertising. The point was that you can keep earning without bothering the visitors — at the same time, draining their CPU performances and battery lives in the long run. Anyway, owners of websites were required to insert the Coinhive script into the code and all the users would be affected.

So far, we have talked about how you can insert the Coinhive code into your website voluntarily. Things are not going to sound right if someone else did that, right? In that case, you won’t be the one receiving the total revenue either.

How to Find If Your Website Is Affected by Crypto-Mining Script?

Before we proceed further, it is important to confirm whether your website is really affected. The process is very simple:

You have to visit your website from different computers equipped with anti-malware protection. A powerful antivirus program will be able to detect the Coinhive script that is working in background. Upon the detection of the script, you can confirm the presence of the malicious Crypto-Mining code. We recommend repeating the process from different devices — say Windows and Mac, for instance. Once you have an idea, stop the search and let’s talk about the crypto-mining script removal.

Now, here is the better part of confirmation. In most cases, Coinhive insertion is done through source code of the website. It may happen in different ways. For instance, if you had installed a nulled script from a not-so-trusted sources, the script could have included Coinhive elements as well. So, another way to completely confirm the presence of Cryptojacking script is to check out the source code of your website. You can do that from your common web browser.

Open the source code and see if the word ‘Coinhive’ is presented in the main code section. If it’s in, let’s go.

How to Remove Coinhive Miner from Your Website?

This is not tough as it may sound. Let’s talk about the commonest way of infection first. There is less chance that your entire website is owned by a hacker. In that case, you would have seen some other symptoms as well. However, we would surely recommend taking a few precautionary steps like ensuring the safety, using stronger passwords and enhancement of overall security. Once you have done that, and confirmed that the website is under your control, we can start the search for the crypto-mining script.

Now, this step requires some technical knowledge since you are going to deal with code. Depending on the CMS you are using, you can open the main file of your website and search the code for a possible line that deals with Coinhive. In common cases, the code may look like the following:

If the same script is present in your website, don’t think much and remove it. For the removal process, you may need some expert help. This is the idea: crypto-mining scripts normally affect the main page of website. So, it’s recommended that you hand over the process to someone with experience. Once the removal has been done, it means you are completely safe and that your users won’t suffer from CPU draining when they visit your website.

As an extra precaution method, you should clear the server cache as well, especially if you are using CDN in your website. This will remove the possibility that Coinhive scripts may work from the cache.

P.S. The threats of crypto-mining scripts are not reducing day by day. On the other hand, you can see newer ones coming up every day. For instance, there was the presence of another Cryptojacking script named Minr that is so hard to be detected. So, we recommend taking a look at this side every once in a while.

Some Steps to Stay Safe

We already mentioned the different ways how your website may get infected by Cryptojacking script. You’d not mind the results of the following methods if you would like to keep the situation away.

  • Make sure that you are not using any pirated scripts, themes or other codes that may consist of the cryptocurrency script.
  • Follow all the security procedure for keeping your website away from hackers and other attacks that can offer them control.
  • Always update the CMS and Server Software to the latest version. If the script made its way to your website via some vulnerabilities, this step will stop that.

Hope you have an idea about how to keep your websites safe from Cryptojacking scripts.

The Wrap-Up Part

Just as we said earlier, the process of removing the Coinhive crypto-mining script if your website is affected is simple than you thought. You might need some familiarity with code, but you can always get some help from a friend. If you have a popular blog, we recommend that you have a dedicated team for security and technical aspects. Anyway, we hope this guide helps you to not only remove the existing Coinhive Cryptojacking infection but also for preventing future scripts from infecting your site.

Meta: Are you suspicious that your website is affected? Here is a guide that helps you remove Coinhive crypto-mining script from an infected website.

Filed Under: Technology    Tagged: evergreen

More on EveryoneDigital Right Now!

  • How to convert your idea into meaningful design

  • Know When to Upgrade to Cloud Services | Power of Cloud

  • The Evolution of HR Technology: Shaping the Future of Workforce Management

  • Using Videos to Generate Traffic for a Blog or Website

About Sam

Sam loves to travel a lot. He is very passionate about technology, the internet and cars. He writes on Everyonedigital as a hobby. Currently working at NASA as a technical coordinator.

Sam has written 154 awesome articles for us at Everyone Digital.

  • Find Sam On
❮
Radiation-image
Radex RD1706 Pocket Radiation Detector Review
❯
Using Artificial Intelligence To Help Keep Your Financial Data Safe

Comments

  1. David says

    at

    Thanks for the tip. 🙂

    Reply
    • Sam says

      at

      You are welcome David.

      Reply
  2. Michael Burn says

    at

    I faced this issue multiple time on my website. What I did was change the web hosting company.

    Reply
    • Sam says

      at

      Thanks for your input Michael.

      Reply
  3. Ron says

    at

    What can I do to avoid the reinfections.

    Reply
    • Sam says

      at

      Please consult with your web hosting to fix the loopholes and increase the security of the system.

      Reply
  4. bilgichukuk.com says

    at

    Thanks a lot

    Reply
  5. Clarke Samuel says

    at

    A very nice strategy you describe to remove coinhive miners from the website. It helps me a lot. Thanks

    Reply
  6. MUHAMMAD KAMRAN says

    at

    I am very glad to read your article you are giving very good information to the people I have seen your website has been made very beautiful and I thank you again and pray that you Keep up the good

    Reply
  7. Aqdas Zahid says

    at

    Seems very helpful, can’t wait to try this.. Great Sir!

    Reply
  8. David says

    at

    Removal is pretty simple, the bigger problem is to detect it in time. I think will see more and more attempts from hackers to hijack crypto.

    Reply
  9. Ingelious says

    at

    This is an informative post. Can I share it with my students?

    Reply
    • Sam says

      at

      Yes sure.

      Reply
  10. Akash says

    at

    thanks for the useful article

    Reply
  11. Vishal says

    at

    Great text, understood better how cryptocurrency mining works.

    Reply
  12. Shubam says

    at

    Sam, I’m grateful for your help. Your guides are fantastic. A very readable, valuable, and compact article.

    Reply
  13. Liaqat Ali says

    at

    Very well Explained.Got it

    Reply

 Comment Policy

Your words are your own, so be nice and helpful if you can. Please, only use your REAL NAME, not your business name or keywords. Using business name or keywords instead of your real name will lead to the comment being deleted. Anonymous commenting is not allowed either. Limit the amount of links submitted in your comment. We accept clean XHTML in comments, but don't overdo it please. You can wrap code in [lang-name][/lang-name] tags.


Tell us what you're thinking... Cancel reply

If you want a picture to show with your comment, then get Gravatar!

  • Facebook
  • Pinterest
  • RSS
  • Twitter
  • Twitter

Connect on Facebook

Latest Articles

  • How to Use Digital Tools to Manage Teams
  • A Brief Look at the Future as Businesses Move to the Digital Realm
  • WoW SoD: The 6 Best Addons to Level Up in World of Warcraft
  • Best Ways to Check Who Viewed My Instagram Profile/Account
  • Speeding and Car Accidents in St. Louis: Preventive Measures to Take

Trending Topics

  • Android 3
  • Apps 3
  • Blogging 8
  • Business 17
  • Computer 20
  • Education 1
  • Featured 2
  • Gadgets 4
  • Games 7
  • How To 21
  • Internet 42
  • Mobile 4
  • SEO 3
  • Social Media 2
  • Technology 17
  • Some Rights Reserved. Everyone Digital | Copyrights 2012-2025 AntivirusInsider | Site Map | Privacy Policy