The Internet Is Ripe With In-Browser Miners and It's Getting Worse Each Day

Discussion in 'Security News' started by LASER_oneXM, Oct 18, 2017.

  1. Angole

    Angole New Member

    Dec 22, 2017
    1
    1
    Kampala
    Windows 10
    Microsoft
    #21 Angole, Dec 22, 2017
    Last edited: Dec 22, 2017
    But regardless of coinhive, there are some safe web miners that don't run malware content, like coinimp it's script can't be detected as a threat by any of the anti-viruses and ad blockers. The CPU Usage can also be adjustable to a lower percentage They use a slider to set Such CPU threshold in their script, thus not affecting your hardware.
     
    HarborFront likes this.
  2. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,754
    Far East
    #22 HarborFront, Dec 22, 2017
    Last edited: Dec 22, 2017
    One disadvantage though there's no auto updating of mining domains....where got the time to do manual update?

    Quote from below
    Block mining scripts with Anti-WebMiner for Windows - gHacks Tech News

    :rolleyes:

    Using extensions is more convenient and, nowadays, many AVs also can detect/block miners
     
    TairikuOkami likes this.
  3. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,300
    Caille
    Windows 10
    Any crypto-currency miner (which uses resources of the users system) which is being ran without the user being aware, is automatically "malicious" in my opinion. The malicious intent stems from the action of doing things the user is not aware is being done (e.g. eating up their resources, mining crypto-currency), or distracting them with a service which is deceiving because in reality their resources are being used without them being aware to generate income to the authors.

    There's also crypto-currency malware which is Win32 based. You download and run -> now you are infected with a crypto-currency miner which will... mine crypto-currency. Eats up your resources.

    This doesn't mean that crypto-currency mining is malicious in itself; it depends on how it is used. If the user agree's to allow crypto-currency mining in exchange for free usage of a service, then they are aware of it and it is perfectly genuine (their decision and they don't mind it). Whereas, if you visit a website which starts deploying scripts to mine crypto-currency, or feeds you a download to desktop-based crypto-currency mining without you being aware of any of it (or the download behaving in a deceiving manner to make you think it is something it isn't - which is what a Trojan is), then it is malicious in my opinion.
     
  4. TairikuOkami

    TairikuOkami Level 8
    Content Creator

    May 13, 2017
    378
    1,599
    Postal Worker
    Slovakia
    Windows 10
    Indeed I expect some of them to popup. I would really like, if someone created filters, which could be added to adblocker extensions, like to adguard/uBlock.

    I was just crawling through Avast forum and Avast says, that they do not block conhive scripts, because they are not malicious. Once the webpage is closed, it is gone.
     
    upnorth and amico81 like this.
  5. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,754
    Far East
    #25 HarborFront, Dec 22, 2017
    Last edited: Dec 22, 2017
    I just combined the miner blacklist (v1.24) from

    https://raw.githubusercontent.com/greatis/Anti-WebMiner/master/blacklist.txt

    with Chrome extension, minerBlock v1.1 default blacklist and FF Quantum extension, NoMiner's default blacklist v0.1.1

    to make a super blacklist and added to FF Quantum extension, NoMiner

    As for Chrome extension, minerBlock, I have FF's NoMiner and Anti-WebMiner's blacklists added to it.

    All duplicates removed.
     
    TairikuOkami and harlan4096 like this.
  6. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,754
    Far East
    FYI, coinimp is blocked by Anti-WebMiner, here

    https://raw.githubusercontent.com/greatis/Anti-WebMiner/master/blacklist.txt
     
  7. Telos

    Telos Level 8

    Jan 29, 2017
    377
    991
    Baana
    Cash is far more anonymous. Nothing is anon under blockchain.
     
    upnorth and Opcode like this.
  8. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,300
    Caille
    Windows 10
    I never said it was anonymous. I said it was more anonymous, and it is compared to normal currencies online. This is why ransomware developers use crypto-currency like Bitcoin, or probably more preferred, Monero. Over PayPal or bank transfers. Prepaid credit cards were too much hassle.

    Then you have crypto-currency tumbling...

    Zcash is another one.
     
    Telos and upnorth like this.
  9. rayber01

    rayber01 New Member

    Dec 23, 2017
    1
    0
    San Carlos, Venezuela
    Windows 10
    Malwarebytes
    I would like to highlight that I am using Coinimp services at CoinImp – Monero JavaScript Miningand i would like to say that i don't considere such service like intrusive because they provides a lot of settings for javascript miner like throttle settings which allows us to set the speed we want for that miner, and whether we select a smooth speed then we won't overuse visitor power but whether we select high speed then the intrusives would be "the webmasters" instead the web miner.
     
Loading...