The Internet Is Ripe With In-Browser Miners and It's Getting Worse Each Day

Discussion in 'Security News' started by LASER_oneXM, Oct 18, 2017.

  1. LASER_oneXM

    LASER_oneXM Level 17
    Content Creator

    Feb 4, 2016
    847
    4,405
    university/IT
    Germany / Poland
    Windows 8.1
    Kaspersky
     
  2. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    It was always bound to happen; miners being distributed in software-form were starting to get much more popular also. Now there are web-based in-browser miners, attackers will move to this as the chances of it providing successful results maybe higher than when in software form.

    Thankfully, there are script blockers which can prevent crypto-currency mining when we are browsing online. More importantly though, we need to make sure we understand what websites we are viewing and to only view trusted and reputable websites to prevent running into anything harmful or unwanted in the first place if possible.

    Some services (e.g. there was one VPN provider which does this now) actually allow crypto-currency mining as a form of payment to use services now. I am not sure how many people were in favour of such a thing though...

    Crypto-currency mining may be attempted to be used as an alternate to advertisements, but then it will just be blocked like how ad-blockers were released to stop advertisements. And the chances are, it'll be easier for us to block crypto-currency miners than not. When I use an ad-blocker, I don't think I ever really run into advertisements at all.
     
    kev216, Der.Reisende, vemn and 13 others like this.
  3. grumpy_joe

    grumpy_joe Level 1

    Oct 18, 2017
    26
    134
    Unspecified
    Other OS
    Strongly agree with that statement.
    Here is a trusted No Script addon for fireofx which will stop those crypto-currency mining. Keep in mind most of the websites will look broken if you use such extension. :(
    NoScript Security Suite
     
    vemn, shukla44, HarborFront and 5 others like this.
  4. Arequire

    Arequire Level 18

    Feb 10, 2017
    898
    2,803
    United Kingdom
    Windows 7
    Default-Deny
    #4 Arequire, Oct 18, 2017
    Last edited: Oct 18, 2017
    For anyone using AdGuard, you're already opt-in (although I'm not sure which miners this applies to besides Coinhive).
    [​IMG]

    My issue isn't with the mining itself but the fact you can't tell if the website is using one of said miners to generate revenue in place of ads (which I have little problem with as it doesn't infringe on my privacy and can't serve up an exploit kit or malware) or if the website has been compromised and the miner's been inserted to funnel money to blackhats.
     
  5. BryanB

    BryanB Level 3

    Aug 17, 2017
    114
    626
    Handyman
    MI
    Windows 7
    Default-Deny
    Thanks for the heads up on this and I'll admit I'm a little thick but even after reading the article in the link at the top I don't see what it is their mining.
     
    upnorth, Sunshine-boy, vemn and 7 others like this.
  6. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    Crypto-currency. :) Such as Bitcoin, Ethereum, SiaCoin (BTC, ETH, SC).

    Crypto-currency are basically currencies which are not "legally used" in real-life but are digital-based. By "legally" I don't mean they are illegal, anyone can use crypto-currency currencies... But the fact is that they are often used for online criminal activity online, via the dark-web for instance. This is because they may be more "anonymous" than using normal currencies via services like PayPal, but that doesn't mean they are full-proof because 100% anonymity/privacy doesn't exist.

    Crypto-currency can be exchanged for normal currencies (e.g. BTC to PayPal or Bank Transfer exchanges) on other market-places or with individuals, and then the received money from the exchanged would be usable in the real-world (normal sites like Amazon, in shops via your credit card after the bank transfer, etc.).

    Crypto-currency is popular with "trading" as well. For instance, a coin is being sold cheap so you buy a large majority and then if the price increases you sell them and make a profit. People have actually profitted in the hundreds of thousands or millions due to this but it is rare for this to happen to the average person with such a large amount of profit. Completely legal to do this though (there isn't even an age restriction as they aren't seen as "legal currencies" for usage in the real world AFAIK).

    Mining crypo-currency is basically generating money through using your system resources.

    If you get yourself an ad-blocker like Adguard they are already cracking down on in-browser miners so you'll be safer against them. Signs of mining occurring in-browser could be factors such as high CPU usage from your browser, even while the web-page doesn't seem very demanding at all (I'd imagine at least).
     
    upnorth, Sunshine-boy, vemn and 12 others like this.
  7. BryanB

    BryanB Level 3

    Aug 17, 2017
    114
    626
    Handyman
    MI
    Windows 7
    Default-Deny
    Bastardso_OCan you elaborate on this.
     
    upnorth, Sunshine-boy, vemn and 3 others like this.
  8. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    I am not knowledgeable in-depth on crypto-currency mining, I am just starting to research it further. However, the way it works is operations will be performed using your system resources and as a result the people responsible for the mining make money in crypto-currency form. In a situation like you having an active miner either in software or web-form, the owners of it would be making the money while using your system resources... :/

    If your resources are used up a lot and for a very long duration, it can also reduce life time of used components. Maybe it is unrealistic to say that systems are damaged in a normal situation but it would be like running an AV scan 24/7 which never stops and keeps in a loop to re-scan recursively, eventually the hardware components will die off due to being overused so much without break.

    Active crypto-currency mining will slow you down though I'd imagine since your resources will be used up for other things, leaving less available for things you need to do yourself on your own computer.

    It is not uncommon for people to buy good hardware components in bulk for custom builds for use with mining, but there is usually specific hardware designed for mining. I remember recently a lot of GPUs were out of stock because of people wanting to mine a new currency type which there was no specific hardware designed for it, or something alike that.
     
  9. BryanB

    BryanB Level 3

    Aug 17, 2017
    114
    626
    Handyman
    MI
    Windows 7
    Default-Deny
    Thanks Opcode.
     
    Sunshine-boy, vemn, Weebarra and 3 others like this.
  10. LASER_oneXM

    LASER_oneXM Level 17
    Content Creator

    Feb 4, 2016
    847
    4,405
    university/IT
    Germany / Poland
    Windows 8.1
    Kaspersky
    ... yeah... ...thats right.... ...now there is a risk that visiting sites on the web could cause serious damages to your local hardware (e.g. overheating) .... :mad:
     
    upnorth, Der.Reisende, vemn and 10 others like this.
  11. Weebarra

    Weebarra Level 7

    Apr 5, 2017
    338
    8,380
    Somewhere in Scottieland
    Windows 7
    Kaspersky
    What a brilliant explanation @Opcode, thank you. I had obviously read about mining on here but didn't really understand it (surprise, surprise) but today i have actually learnt something, woo hoo, get me (y) P.S. - I have "no coin" extension to help protect me in some way.
     
    upnorth, Sunshine-boy, vemn and 10 others like this.
  12. shukla44

    shukla44 Level 10

    Jan 14, 2016
    480
    4,527
    India
    Windows 7
    Kaspersky
    Yeah, this is the new future, not ads, not malvertizing, but this.... Mining.

    Already have Noscript & use nocoin filter in adguard plus Kaspersky detects most of them.
     
    upnorth, Sunshine-boy, vemn and 10 others like this.
  13. _CyberGhosT_

    _CyberGhosT_ Level 52
    Trusted

    Aug 2, 2015
    4,170
    27,465
    Retired
    Central US
    Linux Mint
    Default-Deny
    #13 _CyberGhosT_, Oct 18, 2017
    Last edited: Oct 19, 2017
    For those of us that use AdGuard, Boo-Berry over that the AdGuard site has the following added to his "User Rules"

    To block Coin Hive:
    In addition, I also have these CoinHive rules in my user filter to fully block it.

    Code:
    ||coin-hive.com/lib/coinhive.min.js^$script,empty
    ||coin-hive.com/lib/cryptonight.wasm
    If you want to completely block the CoinHive domain, use this rule (keep in mind you won't be able to visit coin-hive.com with this rule!):

    Code:
    ||coin-hive.com^$empty
    Using this last rule is a bit extreme, but it does work.
    Quoted from ( Source): Coinhive & similar blocking

    ** Here you can get a hold of the "Nocoin" list, as well as some other lists you may have not known about or had access to: FilterLists
    I added 2 and all I did was click on "Add" and AdGuard did the rest.
    Hope this helps. PeAcE
     
  14. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,700
    11,823
    AppGuard LLC Virginia, U.S.
    Coin mining is even more atrocious and despicable than ads, but the website owners will still acrimoniously scream bloody murder about blocking.
     
    upnorth, Sunshine-boy, vemn and 10 others like this.
  15. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    If it allows them to make money then they will do it. Mining has a reduced risk on punishment as well compared to malvertising I'd imagine, which will probably encourage people to do it more than things like that.

    Don't worry about it IMO. We will tackle mining just as good as we do when it comes to advertisements/malicious advertisements and pop-ups soon. If you see the post by @_CyberGhosT_ above ( The Internet Is Ripe With In-Browser Miners and It's Getting Worse Each Day ) we can see that Adguard is very useful right now too :)

    They aren't going to win without a fight... make them cry and wish they never wasted their time trying to be successful with it!!
     
  16. vemn

    vemn Level 6
    AV Tester

    Feb 11, 2017
    269
    1,238
    IT SYSADMIN
    Singapore
  17. Sunshine-boy

    Sunshine-boy Level 22

    Apr 1, 2017
    1,167
    5,166
    IRAN
    Windows 10
    ESET
    How?what is the relation between CPU usage and bitcoin? I don't understand it:notworthy:
     
  18. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    Your system power is used to mime bitcoin. The CPU (Central Processing Unit) is the heart of instruction execution on your system (usually - in a way we are leaning towards GPU technology for the future I think), thus your CPU usage increases.
     
  19. Robnobreaks

    Robnobreaks New Member

    Nov 25, 2017
    1
    2
    Palm Coast FL USA
    macOS Sierra
    Avast
    SO I just re install OS sierra .... lol got backups on usb/ prob infected . got the cryptonight tri .. in avast picks it up only in log var/db/uuidtext/7b/bc...64
    malwarebytes does not pick up on it. once I reboot it finds it in the var/db//// folder under same file name..... was a miner for mac that got me.
     
    LASER_oneXM and upnorth like this.
Loading...