If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!
Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.
With the introduction of memory-bound cryptocurrencies, such as Monero, the implementation of mining code in browser-based JavaScript has become a worthwhile alternative to running dedicated mining rigs. Based on this technology, a new form of parasitic computing, widely called cryptojacking, has gained momentum in the web.
In this talk, we systematically explore this phenomenon: To begin with, we demonstrate how modern web technologies are used to create an efficient miner solely in JavaScript. We then present our methodology on how to identify mining scripts on real websites at scale, which we use for a study on the Alexa top 1 million websites. In particular, we perform several secondary analyses to gain insight into the cryptojacking landscape, including a measurement of code characteristics, an estimate of expected mining revenue, and an evaluation of current blacklist-based countermeasures.