For several years, cybercriminals have taken advantage of cryptocurrency mining in order to make a profit. Mostly by using malware or potentially unwanted applications installed on the victim‘s machine. Now, ESET researchers have analyzed a special case of mining of cryptocurrencies – done directly within your web browser using JavaScript.
Knowing that the default settings of most browsers include activated JavaScript, attackers simply needed to insert the mining script in websites that receive large amounts of traffic.
“It is easier to reach a significant number of victims by infecting websites than it is by infecting users’ machines. In this case, attackers were injecting scripts in high-traffic websites impacting mostly Russian, Ukrainian, Belarusian, Moldavian and Kazakh users,” explains Matthieu Faou, Malware Researcher at ESET.
To mine Feathercoin, Litecoin and Monero, attackers injected malicious JavaScript into video streaming and in-browser gaming websites, since their users tend to spend more time on the same webpage, which allows these mining scripts to run longer and use more computing power.
“This method of mining is less effective as it tends to be 1.5 to 2 times slower when compared to mining with regular software, but that is counterbalanced by the higher number of impacted users” adds Faou.
Some regulatory bodies consider mining cryptocurrencies on a user’s machine without consent equivalent to gaining access to the computer. Thus, developers of such services should advertise it clearly before starting mining, which is clearly not the case in a distribution scheme using malvertising.
Here are few tips from Matthieu Faou for protecting against this kind of threat:
· Enable detection of Potentially Unsafe Applications and Potentially Unwanted Applications (PUA) in ESET Internet Security/ ESET NOD32 Antivirus / ESET Smart Security Premium. Follow our simple instructions to set it up yourself here.
· Keep your internet security solution up-to-date. Check for the latest update of ESET Windows home products here.
· Install an ad blocker in the browser(s) you use such as uBlock.
· Additionally, you can install a script blocker such as NoScript. Be aware that installing script blocker in your browser could disable some websites functionalities.
For more details about Cryptocurrency web mining, please follow the analysis titled‚ Cryptocurrency web mining: in union there is profit‘on WeLiveSecurity.com