Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Mine cryptocurrency [Monero (XMR)](https://getmonero.org/) using [CoinHive](https://coinhive.com/) from node.js
Mine cryptocurrency Monero (XMR) using CoinHive from node.js
This project is not endorsed by or affiliated with coinhive.com
in any way.
npm install -g coin-hive
const CoinHive = require('coin-hive');
(async () => {
// Create miner
const miner = await CoinHive('ZM4gjqQ0jh0jbZ3tZDByOXAjyotDbo00'); // Coin-Hive's Site Key
// Start miner
await miner.start();
// Listen on events
miner.on('found', () => console.log('Found!'))
miner.on('accepted', () => console.log('Accepted!'))
miner.on('update', data => console.log(`
Hashes per second: ${data.hashesPerSecond}
Total hashes: ${data.totalHashes}
Accepted hashes: ${data.acceptedHashes}
`));
// Stop miner
setTimeout(async () => await miner.stop(), 60000);
})();
Usage: coin-hive <site-key>
<site-key>: Your CoinHive Site Key
Options:
--username Set a username for the miner
--interval Interval between updates (logs)
--port Port for the miner server
--host Host for the miner server
--threads Number of threads for the miner
--proxy Proxy socket 5/4, for example: socks5://127.0.0.1:9050
--puppeteer-url URL where puppeteer will point to, by default is miner server (host:port)
--miner-url URL of CoinHive's JavaScript miner, can be set to use a proxy
CoinHive(siteKey[, options])
: Returns a promise of a Miner
instance. It requires a Coin-Hive Site Key. The options
object is optional and may contain the following properties:
username
: Set a username for the miner. See CoinHive.User.
interval
: Interval between update
events in ms. Default is 1000
.
port
: Port for the miner server. Default is 3002
.
host
: Host for the miner server. Default is localhost
.
threads
: Number of threads. Default is navigator.hardwareConcurrency
(number of CPU cores).
proxy
: Puppeteer's proxy socket 5/4 (ie: socks5://127.0.0.1:9050
).
miner.start()
: Connect to the pool and start mining. Returns a promise that will resolve once the miner is started.
miner.stop()
: Stop mining and disconnect from the pool. Returns a promise that will resolve once the miner is stopped.
miner.kill()
: Stop mining, disconnect from the pool, shutdown the server and close the headless browser. Returns a promise that will resolve once the miner is dead.
miner.on(event, callback)
: Specify a callback for an event. The event types are:
update
: Informs hashesPerSecond
, totalHashes
and acceptedHashes
.
open
: The connection to our mining pool was opened. Usually happens shortly after miner.start() was called.
authed
: The miner successfully authed with the mining pool and the siteKey was verified. Usually happens right after open.
close
: The connection to the pool was closed. Usually happens when miner.stop() was called.
error
: An error occured. In case of a connection error, the miner will automatically try to reconnect to the pool.
job
: A new mining job was received from the pool.
found
: A hash meeting the pool's difficulty (currently 256) was found and will be send to the pool.
accepted
: A hash that was sent to the pool was accepted.
miner.rpc(methodName, argsArray)
: This method allows you to interact with the Coin-Hive miner instance. It returns a Promise that resolves the the value of the remote method that was called. The miner intance API can be found here. Here's an example:
var miner = await CoinHive('SITE_KEY');
await miner.rpc('isRunning'); // false
await miner.start();
await miner.rpc('isRunning'); // true
await miner.rpc('getThrottle'); // 0
await miner.rpc('setThrottle', [0.5]);
await miner.rpc('getThrottle'); // 0.5
All the following environment variables can be used to configure the miner from the outside:
COINHIVE_SITE_KEY
: Coin-Hive's Site Key
COINHIVE_USERNAME
: Set a username to the miner. See CoinHive.User.
COINHIVE_INTERVAL
: The interval on which the miner reports an update
COINHIVE_THREADS
: Number of threads
COINHIVE_PORT
: The port that will be used to launch the server, and where puppeteer will point to
COINHIVE_HOST
: The host that will be used to launch the server, and where puppeteer will point to
COINHIVE_PUPPETEER_URL
: In case you don't want to point puppeteer to the local server, you can use this to make it point somewhere else where the miner is served (ie: COINHIVE_PUPPETEER_URL=http://coin-hive.herokuapp.com
)
COINHIVE_MINER_URL
: Set the CoinHive JavaScript Miner url. By defualt this is https://coinhive.com/lib/coinhive.min.js
. You can set this to use a CoinHive Proxy.
COINHIVE_PROXY
: Puppeteer's proxy socket 5/4 (ie: COINHIVE_PROXY=socks5://127.0.0.1:9050
)
FAQs
Mine cryptocurrencies [Monero (XMR)](https://getmonero.org/) and [Electroneum (ETN)](http://electroneum.com/) using [CoinHive](https://coinhive.com/) from node.js
The npm package coin-hive receives a total of 69 weekly downloads. As such, coin-hive popularity was classified as not popular.
We found that coin-hive demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.