Tech

Three ads generate 5.5 times more revenue than a web-based cryptojacking script

New academic research shows web-based cryptojacking nowhere near as efficient as ads at generating website revenues.

Written by Catalin Cimpanu, Contributor Aug. 7, 2019 at 10:00 p.m. PT

cryptocurrency mining — Image: Dmitry Moraine

See als

10 dangerous app vulnerabilities to watch out for (free PDF)

Web-based cryptocurrency mining, also known as cryptojacking or drive-by mining, never stood a chance to become an alternative revenue stream or replace classic ads.

According to new academic research published this month, a website that includes three ads makes 5.5 times more revenue than a website that deploys a cryptojacking script for the average duration of a web visit.

To become profitable, a website using web-based cryptojacking scripts would need to keep a user on its pages for more than 5.53 minutes, researchers said.

In-browser mining slows downs PCs

But keeping users on sites with cryptojacking scripts has negative side effects on the user's device, as the web-based mining script quickly bogs down resources and slows down the user's device.

Researchers -- from the University of Crete and the University of Illinois at Chicago -- said that websites that utilize cryptojacking scripts end up gobbling up 59 times more of the user's CPU than a website showing ads.

Websites with cryptojacking scripts also require 1.7 times more RAM than classic ad-supported websites.

Also, cryptojacking-supported sites generate 3.4 times more background traffic than ad-supported sites, as they need to constantly report their earnings back to the crypto-mining services.

Researchers also found that in-browser cryptocurrency miners also severely affect parallel running processes, with cryptojacking sites degrading the performance of parallel running applications with up to 57% when left in the browser's background.

All in all, the research team said that visiting a website utilizing cryptojacking scripts consumes on average 2.08 more energy than regular ad-based sites, and the user's device operates up to 52.8% higher temperatures.

Good on some sites, but bad for most

However, researchers conclude that cryptojacking can be an effective monetization scheme, but only for a certain class of websites, where users tend to spend a lot of time, such as movie streaming services or online games.

Here, in-browser miners have a good amount of time to gather revenue for the website operators, revenue that would have never been available just by showing a few ads at page load.

But for anything else, using classic ads will generate more profit and avoid annoying users with scripts that spike their CPUs and slow down their devices, which may lead to reputational damage to websites that engage in such practices.

Cryptojacking is dead

The phenomenon of web-based cryptojacking has mostly died down these days, after experiencing an explosion in late 2017 and throughout 2018.

When it launched, it was touted as an alternative revenue stream for the classic ad-supported model -- which has its own and many flaws.

However, in-browser mining never caught on with popular websites, and it was mostly abused by cybercrime groups who hacked into legitimate websites and left hidden cryptojacking scripts behind to mine Monero on site visitors' devices without permission.

Most cryptojacking operations went dead after the Coinhive service shut down in March 2019, and, according to Malwarebytes, most websites still running in-browser miners are abandoned sites that have been hacked in the past two years and nobody bothered to clean them.

ZDNet readers can find out more details in a pre-print of the "Truth in Web Mining: Measuring the Profitability and the Imposed Overheads of Cryptojacking" white paper that is going to be presented in September this year at the 22nd Information Security Conference (ISC), in New York, USA.