Millions of dedicated machines around the world are mining cryptocurrency to support the growing number of blockchains behind popular cryptocurrencies.
But since many others also wanted to enter the industry, many of them engage in unethical mining that uses scripts to steal website visitor's computing power for crypto-mining.
The epidemic becomes worse when it was realized that 48,953 websites were already infected by crypto-jacking malware, according to security researcher Troy Mursch from Bad Packets Report.
Mursch used source-code search engine PublicWWW to scan web pages for crypto-jacking malware. He added that at least 7,368 of the compromised sites are powered by WordPress, one of the most popular CMS platform.
The researcher notes that Coinhive continues to be the most widespread crypto-jacking script, accounting to about 40,000 infected websites, or 81 percent of all recorded cases. This is an increase since November 2017 when Mursch was able to find at least 30,000 websites running Coinhive.
Coinhive's Monero is more popular because it uses proof of memory rather than work, and also because most people's computers aren't yet secured enough from preventing the scripts from running.
And for the remaining 19 percent, Bad Packets Report said that they spread between various Coinhive alternatives, like Crypto-Loot, CoinImp, Minr and deepMiner.