CoinHive Discovered cryptominating script in chat widget

Companies using a customer support chat widget have been secretly spying on the crypto currency Monero over the past few days. Affected were also the memory manufacturer Crucial and the sports provider Everlast.
The crypto mining script Coinhive has also been used in recent days in a popular tool called Live Help Now. Several hundred websites use the widget to provide customer support. So far, it is unclear whether the developers of the service intentionally installed the script or even victims of an attack. In a recent test we could no longer determine the Coinhive code in the widget.

Bleepingcomputers had first reported on the incident. The developers of the widget were due to the Thanksgiving holiday in the US initially not be reached. According to screenshots, the CPU load increases significantly after the script is installed. About 1,500 websites are currently using the widget and contributed to it, often unknowingly, to a higher power consumption of their customers' PCs.

Major customers included Crucial storage solutions provider and sporting goods manufacturer Everlast. Both are still using the Live Help Now widget, but we have not been able to prove Coinhive integration there at the moment. In the script itself under the address 'http://www.livehelpnow.net/lhn/widgets/helpouttab/lhnhelpouttab-current.min.js' no Coinhive-URL can be found anymore.

Coinhive uses the computing power of Web site visitors to mine cryptocurrencies. Coinhive mines Monero, but there are other providers that generate different cryptocurrencies. Several adblockers prevent uninvited mining, there are also extra plugins to detect infected pages. An overview of the pages can be found at whorunscoinhive.com.

Coinhive itself had announced after a surprisingly successful start for the company to offer an opt-in procedure in the future, so that users of websites do not contribute without their knowledge to mining.