But websites that don't inform users this mining is happening are just one part of an emerging problem. Hackers have also taken to using malware to embed the mining software into websites whose owners aren't aware that their sites have been hijacked to make somebody else an extra buck. Politifact was one of several websites that recently had to admit its website was compromised with cryptocurrency-mining malware without their knowledge. Showtime was also forced to acknowledge (barely) that websites on two different Showtime domains had been compromised and infected with Coinhive-embedded malware.

While Bloomberg this week proclaimed that governments should really get behind this whole cryptocurrency mining thing, the reality is that numerous governments already have -- just not in the way they might have intended. Security researcher Scott Helme this week discovered that more than 4,000 U.S. and UK government websites -- including the US court system website -- have been infected with cryptocurrency mining malware, a number that's sure to only balloon.

As Helme notes, attackers don't need to even attack each website individually, as they've found a way to compromise shared resources like Text Help, whose modified script files were then loaded by thousands of websites at a pop:

Fortunately this attack isn't particularly hard to neutralize, with a tiny modification to the share script being able to nip similar, future attacks in the bud. But Helme also notes that this entire kerfuffle could have been substantially worse: