A surge of sites and apps are exhausting your CPU to mine cryptocurrency

Recommended Posts

Just a heads up about this new computer threat that is rapidly growing. The linked article covers the basics, but the main thing I wanted to convey is that as a general rule your antivirus does little against this. However, just as with AD blockers, there are browser extensions you can add to combat this.

Its up to the individual to decide if it's worth doing, however. (Good luck out there!)

I myself use crypto miner blocker, as the code is open source, and I hate even the possibility of having my cpu resources rudely hijacked.

Excerpt: https://arstechnica.com/information-technology/2017/10/a-surge-of-sites-and-apps-are-exhausting-your-cpu-to-mine-cryptocurrency/



The Internet is awash with covert crypto currency miners that bog down computers and even smartphones with computationally intensive math problems called by hacked or ethically questionable sites.

The latest examples came on Monday with the revelation from antivirus provider Trend Micro that at least two Android apps with as many as 50,000 downloads from Google Play were recently caught putting crypto miners inside a hidden browser window. The miners caused phones running the apps to run JavaScript hosted on Coinhive.com, a site that harnesses the CPUs of millions of PCs to mine the Monero crypto currency. In turn, Coinhive gives participating sites a tiny cut of the relatively small proceeds. Google has since removed the apps, which were known as Recitiamo Santo Rosario Free and SafetyNet Wireless App.

Last week, researchers from security firm Sucuri warned that at least 500 websites running the WordPress content management system alone had been hacked to run the Coinhive mining scripts. Sucuri said other Web platforms—including Magento, Joomla, and Drupal—are also being hacked in large numbers to run the Coinhive programming interface.

Earlier this month, political fact-checking site Politifact.com was found hosting Coinhive scripts in a way that exhausted 100 percent of visitors computing resources. A PolitiFact official told Ars the incident occurred when "an unidentified hacker attached a crypto mining script to the PolitiFact code base being stored on a cloud-based server." The code has since been removed and was active only when people had a politifact.com window open in their browser.

Don't look, don't tell

Coinhive presents its service as a way end users can support sites without viewing online ads, which are often criticized for containing malware that surreptitiously infects visitors with ransomware, password stealers, and other malicious wares. And in fairness, the service only consumes 100 percent of a visitor's computing resources when the Coinhive's interfaces are being abused. Still, Coinhive doesn't require third-party sites to tell visitors their computers and electricity are being consumed in exchange for visiting the site. Coinhive has also done nothing to prevent sites from abusing its programming interface in a way that completely drains visitors' resources.



  • Upvote 1

Share this post

Link to post
Help AVSIM continue to serve you!
Please donate today!

Hijacking a system is very commonplace and has been for a long time.  Crypto Miners are not new, they just have evolved.  I use Hijack this as my scanner and I know how to remove malware, spyware and viruses by what I examine in that tool.  I use three layers of security, a firewall, a virus scanner, and hijack this.  I uninstalled Spybot as I found it likes to leave Defender disabled, even if you uninstall it.  Prefer Malwarebytes but I don't need it.  When I worked as a WAN Admin I published a quarterly newsletter for our employees, because we let them surf during their idle time.  We felt it would keep them close to the workplace and that's exactly what we accomplished.  If I was suspect about someone's surfing I would dial in stealth mode and observe their surfing habits.  Most people just made mistakes typing url's.  I had a strict self enforced policy not to wipe a PC unless there was no other choice, that happened only once and it was due to a corrupted hard drive after a transformer was dug into and blown up outside our offices.  I heard the boom, then it was lights out, LOL.  Had to spend the night at a local hotel so I could get the WAN back up before our opening hours.

General web rules"

1  Watch how you type

2. Use a pop-up blocker

3.  Do not open spam links no matter how tempting.  They appear to you as one site, then redirect to a completely different site.

4. If you suspect foul play, generate a Hijack This log and share it on the forums.  Even I don't know everything, but as a collective group we know probably more than most MSE's do.

5. Firewall, use layers, both hardware and software.

6. Use a different spell checker than the Windows default.  I noticed a lag whenever I would type, now I use Grammarly, the free version.  It liberated my typing speed and now I can type well over 70 wpm in short bursts, slower than hand typists because I hunt and peck intentionally.

7. I recommend Malwarebytes over Spybot, less intrusive, better UI.

8. Back up critical data and try to put data on a separate partition from program files.

9. Go back to #1 

  • Upvote 1

Share this post

Link to post

I wanted to add a note about ransomware.  It is becoming an epidemic on the Internet.  You go to a site, let's say you want to download a freeware program.  As soon as you start the download you are either asked to launch an executable or you are told your computer is infected with a virus, just click OK.  Do NOT click either OK or Cancel, go to task manager and kill the browser immediately.  I recommend Chrome for that reason, because some browsers automatically try to take you to the page you were last on.  Cell phones are especially vulnerable to ransomware because it is so easy to mistype a url.  If you see such a popup, pull the battery if you have to, do not do a restart.  A friend's cell was badly infected, I just went there to clean up the virus that was on it, all the sound was muted on the phone and no outgoing calls could be made.  I was paid back immediately for what I did.


  • Upvote 1

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now