SEO tools provider and marketing data company Ahrefs[1] analyzed 175 million websites in their database to find out exactly how many websites are crypto-mining using their visitor’s computers.
Cryptojacking is a growing issue for website owners and organizations globally[2], with many falling victim to cryptocurrency mining malware hacks. These hacks install mining scripts into websites allowing hackers to mine cryptocurrencies unbeknown to website visitors and owners.
Crypto-mining malware can use website visitor’s computer systems, central processing units (CPUs), graphics processing units (GPUs) and their electricity, sending mining rewards to hackers at hidden cryptocurrency wallet addresses.
Website owners may also knowingly operate cryptocurrency mining scripts, but without warning visitors, using visitor’s computer power to mine cryptocurrencies for their own benefit.
In both cases, website visitors are not aware their systems are being used in this way unless they happen to notice their systems slow down or spot hikes in processor or browser activity.
Ahrefs[3] crawled the 175 million websites in its database, including subdomains, with an application called Wappalyzer which reveals the technologies a website employs. Wappalyzer[4] is able to identify 14 common crypto-mining scripts.
A total of 23,872 unique website domains out of the 175 million analyzed were found to be running cryptocurrency mining scripts. Of the total identified, most of them, at 93.82%, were running the Coinhive crypto-mining script.
Ahrefs went on to analyse how many visitors these sites are likely receiving via organic search from Google, most of which would be unaware they are mining cryptocurrency for hackers or site owners while they are browsing the site. Ahrefs estimated monthly search traffic based on search volumes and estimated click-through rates. They summarised that roughly 91% of websites with
