Personal blog of Alex Muratov

Beware of browser “miners”

Posted on October 2, 2017 | in Bitcoin, Cryptocurrency, Malware | by

Cryptocurrency “mining” is very popular today. More and more people “mine” it and get profit. It is not rare case when a malware installs a “miner” on an infected workstation and turns it to a mining machine to create profit for a threat actor.

But now anybody may become a victim of such tactic without being infected by malware – browser mining.
How it happens? A malicious web site injects a JS script that does mining. It is very ineffective in terms of a single miner, but if number of such “accidental” miners is high, expected profit may be measurable.

An example:
Web site “www.tyxihxxtpumgm[.]bid” is referred by another streaming web site and it injects to a victim’s browser the following script:

You can see that the script contains a wallet address, but it is not valid coin address. Apparently it is just a token that is linked to an actual wallet. The actual “miner” site is coin-hive[.]com. Of course actual registrant is hidden by “whois protector” and it was registered recently on Aug 24, 2017. The site says “A crypto Miner for your web site. Monetize your business with your users’ CPU power”. For me it sounds not very friendly for users!

So if you see that your browser is sluggish and “eats” a lot of CPU resources, take a look, maybe your computer is recruited to mine “coins” for somebody.

TAGS: ,

Leave a Reply

BOINC

BOINC

Ads

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Calendar

October 2017
M T W T F S S
« Aug    
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
%d bloggers like this: