Hackers’ new front in web mining Cryptocurrencies

ESET, a global leader in cybersecurity, has discovered a new tactic being used by cybercriminals to profiteer through the mining of cryptocurrencies on the web.

By using malware or potentially unwanted applications installed on the victim ‘s machine, cybercriminals have for several years taken advantage of cryptocurrency mining in order to realise a profit.

Now, ESET researchers have successfully analysed a special case of mining of cryptocurrencies – done directly within a user’s web browser using JavaScript.

Knowing that the default settings of most browsers include activated JavaScript, attackers can simply insert the mining script in websites such as video streaming, gaming and news sites that receive large amounts of traffic.

It is easier to reach a significant number of victims by infecting websites than it is by infecting users’ machines. In this case, attackers were injecting scripts in high-traffic websites impacting mostly Russian, Ukrainian, Belarusian, Moldavian and Kazakh users,” explains Matthieu Faou, Malware Researcher at ESET.

To mine Feathercoin, Litecoin and Monero, attackers injected malicious JavaScript into video streaming and in-browser gaming websites, since their users tend to spend more time on the same webpage, which allowed the mining scripts to run longer and use more computing power.

“Although this method of mining is 1.5 to 2 times slower when compared to crypto coin mining with regular software, it  is counterbalanced by the potentially higher number of impacted users” added Faou.

Some regulatory bodies consider mining cryptocurrencies on a user’s machine without consent equivalent to gaining access to the computer. Thus, developers of such services are expected to advertise it clearly before starting mining, but which rarely happens in these types of distribution scheme using malvertising.

To protect oneself against this kind of threat, ESET advices that users should enable detection of Potentially Unsafe Applications and Potentially Unwanted Applications (PUA) in ESET Internet Security, ESET NOD32 Antivirus and ESET Smart Security Premium solutions while also running regular updates.

One can also consider installing their preferred Ad blocker in their browsers. Additionally one can also install a script blocker in their browser but which could however disable some websites functionalities.

For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defences in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centres worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information, visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.


Leave a Reply

Your email address will not be published. Required fields are marked *