Login

Forget Password?
Login With Facebook
Don't Have An Account? Sign Up

Sign Up

Already Have An Account? Login
Read Our Privacy Policy
Back to Login
  • National
  • Politics
  • Valley
  • Opinion
  • Money
  • Sports
  • Culture & Lifestyle

  • National
    • Madhesh Province
    • Lumbini Province
    • Bagmati Province
    • National Security
    • Koshi Province
    • Gandaki Province
    • Karnali Province
    • Sudurpaschim Province
  • Politics
  • Valley
    • Kathmandu
    • Lalitpur
    • Bhaktapur
  • Opinion
    • Columns
    • As it is
    • Letters
    • Editorial
    • Cartoon
  • Money
  • Sports
    • Cricket
    • Football
    • International Sports
  • Culture & Lifestyle
    • Arts
    • Brunch with the Post
    • Movies
    • Life & Style
    • Theater
    • Entertainment
    • Books
    • Fashion
  • Health
  • Food
    • Recipes
  • Travel
  • Investigations
  • Climate & Environment
  • World
  • Science & Technology
  • Interviews
  • Visual Stories
  • Crosswords & Sudoku
  • Horoscope
  • Forex
  • Corrections
  • Letters to the Editor
  • Today's ePaper
Monday, July 28, 2025

Without Fear or FavourUNWIND IN STYLE

21.54°C Kathmandu
Air Quality in Kathmandu: 58
300+Hazardous
0-50Good
51-100Moderate
101-150Unhealty for Sensitive Groups
151-200Unhealthy
201-300Very Unhealthy
Mon, Jul 28, 2025
21.54°C Kathmandu
Air Quality in Kathmandu: 58
  • What's News :

  • Nepal’s EV imports
  • Bagmati assembly turmoil
  • Illegal mining in Kaligandaki river
  • Public smoking ban
  • Bidya Bhandari's comeback

Opinion

Think before you click

Nepal should exercise security measures to safeguard digital intrusions because anyone is susceptible to crypto-jacking Think before you click
bookmark
  • facebook
  • twitter
  • Whatsapp
  • mail
Biranchi Paudyal
Published at : December 31, 2017
Updated at : December 31, 2017 08:42

Whenever we think about web threats, issues like malware, hacking and pornography are probably the first to pop into our heads, but cyberspace is witnessing one new web menace that is quickly gaining international attention, “Crypto Jacking”. It involves the secret use of your computing device to mine crypto-cash. Anyone casually using the internet at home can be unwittingly functioning as a proxy member of a hacker’s team. Over the past few months, there has been a frightening growth in the number of websites running scripts that silently crypto jack users’ computer resources and secretly make them mine digital currency for miscreants.

Easy bucks

This November, a security engineer at Threat Nix claimed on his Facebook wall that OnlineKhabar, the fifth most-viewed webpage in Nepal had a script of ‘Coin Hive’ running in the background which is used to secretly takeover users’ computer resources to mine crypto-currency. After this revelation, OnlineKhabar confirmed the presence of the secret code which has now been removed from the website. In a recently released document, OnlineKhabar claimed the involvement of a third party and demanded legal action against the culprit. This indicates that OnlineKhabar was a victim of a cyber-attack.  If OnlineKhabar can be hacked for crypto-mining, how can we guarantee the safety of other personal and public websites? In Nepal, except for a handful of Information Technology (IT) experts, almost the entire population is vulnerable to crypto-hacking. 

IT experts and the owners of popular sites are now rampantly using websites to mine crypto-currency using visitor’s regular sites worldwide. Security agency Trend Micro claims that high-traffic sites like online news and file sharing websites have been found with malicious scripts that use visitors’ CPU for mining purposes without their consent. Attackers exploit the interconnected machines of millions of gullible users as they visit such deliberately infected websites. These scripts can be easily misused by website owners or attackers because it requires a simple JavaScript file that website owners have to embed on their sites and it automatically processes crypto mining using each visitor’s machine. Easy bucks right? One study conducted by G Willems Lab recently found more than 25,000 sites actively running crypto-mining scripts in visitors’ browsers, which could make millions over time.

A crypto-currency runs on a Blockchain, which is like digital ledger replicated numerous times by various machines associated with the crypto-mining service. The updated document is circulated and made accessible to crypto-currency holders. The ownership of every single crypto-currency and every bit of transaction in flow is recorded in Blockchain. The Blockchain is operated by miners who use mega computers to handle the computation of transactions. Their job is to guarantee the validity of information and update each transaction, thereby determining secure processing of the whole transaction. Some miners use the scripts in popular websites and anonymously make users’ computers a part of the whole mining business.  

Just as susceptible

These scripts mine the crypto-cash popularly known as Monero, which is also an anonymous form of Bitcoin, because you can buy it offline with physical currency. According to Coin Hive, any webpage with one million visitors in a month could make about $116 worth of Monero.  This year alone, some high-streaming websites including torrent’s gateway, ‘The Pirate Bay’ was found running crypto-mining scripts on its website, secretly using visitors’ machine to heap Monero currencies. The process is simple: users enter a torrent site to search for a file, a script of Coin-hive operates in the background, mobilising user’s CPU resource to generate Monero currency for the site’s admin. Around 30 precent of the profits goes to Coin Hive, whereas sites like OnlineKhabar and The Pirate Bay keep the rest.

Recently some researchers from “Malwarebytes Labs” have discovered a new technique that allows compromised sites to keep mining even after a user closed the browser window. The window remains open and via hidden script, it continues generating Monero for website admin until the user makes a precise move to close it. Mining crypto-cash has become digital race for geniuses. Bitcoin was the first decentralised ledger currency released in early 2009. Similar digital currencies have evolved in the worldwide market since then, including Titcoin, Ethereum, Zcash and many others. Today’s digital world is busy with the competitive currency game where people can make large profits after investing a few bucks in technology and earn millions by mining digital coins.

The government of Nepal should exercise security measures to safeguard such digital intrusions because our country too is not safe from crypto-jacking. If popular news sites like OnlineKhabar are hacked to function as a medium for such illegal digital practices, it’s likely that other agents may also be sponging on our computer resources. Thus, the Nepali government should introduce a strong law that requires all websites that thrive in the public domain and have viewership of millions to hire professional IT experts to manage and secure their online resources. The increasing rate of crypto-jacking suggests that, on an individual level, some protection measures will have to be taken in browsers to reduce the threat of digital intruders. Available in Chrome browser, extensions like ‘Miner Block’ and ‘No Coin’ can block popular crypto miners from using our machines.

- Poudyal is a freelance writer and child health researcher at Kathmandu based NGO, Global Initiative For Vivid Empowerment (GIVE)


Biranchi Paudyal


Read Other Opinions

Parched for ideas
Global action on development finance
Rethinking academia
Nepal as a land-linked country
Sri Lanka’s maritime ambitions
Going wrong on rights

Editor's Picks

Kailash pilgrims breathe new life into Nepal’s mountain economy
Pressure groups are dictating lawmaking
Indians paying by QR in Nepal for a year but Nepalis still lack access in India
UML weighs binning age, term limits amid Oli-Bhandari rivalry
Law in the works to check officials’ conflict of interest

E-PAPER | July 28, 2025

  • Read ePaper Online
×
ABOUT US
  • About the Post
  • Masthead
  • Editorial Standards & Integrity
  • Workplace Harassment Policy
  • Privacy Policy
READ US
  • Home Delivery
  • ePaper
CONTACT US
  • Write for the Post
  • Letters to the Editor
  • Advertise in the Post
  • Work for the Post
  • Send us a tip
INTERACT WITH US
  • Twitter
  • Facebook
  • Instagram
OUR SISTER PUBLICATIONS
  • eKantipur
  • saptahik
  • Nepal
  • Nari
  • Radio Kantipur
  • Kantipur TV
© 2025 www.kathmandupost.com
  • Privacy Policy
Top