The Internet Is Ripe With In-Browser Miners and It's Getting Worse Each Day

Angole

New Member
Joined
Dec 22, 2017
Messages
1
OS
Windows 10
Antivirus
Microsoft
#21
But regardless of coinhive, there are some safe web miners that don't run malware content, like coinimp it's script can't be detected as a threat by any of the anti-viruses and ad blockers. The CPU Usage can also be adjustable to a lower percentage They use a slider to set Such CPU threshold in their script, thus not affecting your hardware.
 
Last edited:
Likes: HarborFront

HarborFront

Level 38
Content Creator
Joined
Oct 9, 2016
Messages
2,722
#22
One disadvantage though there's no auto updating of mining domains....where got the time to do manual update?

Quote from below
You do need to revisit the page regularly however to pick up new mining domains and changes to existing ones.
Block mining scripts with Anti-WebMiner for Windows - gHacks Tech News

:rolleyes:

Using extensions is more convenient and, nowadays, many AVs also can detect/block miners
 
Last edited:
Likes: TairikuOkami

Opcode

Level 28
Content Creator
Joined
Aug 17, 2017
Messages
1,733
#23
But regardless of coinhive, there are some safe web miners that don't run malware content, like coinimp it's script can't be detected as a threat by any of the anti-viruses and ad blockers. The CPU Usage can also be adjustable to a lower percentage They use a slider to set Such CPU threshold in their script, thus not affecting your hardware.
Any crypto-currency miner (which uses resources of the users system) which is being ran without the user being aware, is automatically "malicious" in my opinion. The malicious intent stems from the action of doing things the user is not aware is being done (e.g. eating up their resources, mining crypto-currency), or distracting them with a service which is deceiving because in reality their resources are being used without them being aware to generate income to the authors.

There's also crypto-currency malware which is Win32 based. You download and run -> now you are infected with a crypto-currency miner which will... mine crypto-currency. Eats up your resources.

This doesn't mean that crypto-currency mining is malicious in itself; it depends on how it is used. If the user agree's to allow crypto-currency mining in exchange for free usage of a service, then they are aware of it and it is perfectly genuine (their decision and they don't mind it). Whereas, if you visit a website which starts deploying scripts to mine crypto-currency, or feeds you a download to desktop-based crypto-currency mining without you being aware of any of it (or the download behaving in a deceiving manner to make you think it is something it isn't - which is what a Trojan is), then it is malicious in my opinion.
 

TairikuOkami

Level 13
Content Creator
Joined
May 13, 2017
Messages
626
OS
Windows 10
#24
Using extensions is more convenient and
Indeed I expect some of them to popup. I would really like, if someone created filters, which could be added to adblocker extensions, like to adguard/uBlock.

and, nowadays, many AVs also can detect/block miners
I was just crawling through Avast forum and Avast says, that they do not block conhive scripts, because they are not malicious. Once the webpage is closed, it is gone.
 

HarborFront

Level 38
Content Creator
Joined
Oct 9, 2016
Messages
2,722
#25
Indeed I expect some of them to popup. I would really like, if someone created filters, which could be added to adblocker extensions, like to adguard/uBlock.


I was just crawling through Avast forum and Avast says, that they do not block conhive scripts, because they are not malicious. Once the webpage is closed, it is gone.
I just combined the miner blacklist (v1.24) from

https://raw.githubusercontent.com/greatis/Anti-WebMiner/master/blacklist.txt

with Chrome extension, minerBlock v1.1 default blacklist and FF Quantum extension, NoMiner's default blacklist v0.1.1

to make a super blacklist and added to FF Quantum extension, NoMiner

As for Chrome extension, minerBlock, I have FF's NoMiner and Anti-WebMiner's blacklists added to it.

All duplicates removed.
 
Last edited:

HarborFront

Level 38
Content Creator
Joined
Oct 9, 2016
Messages
2,722
#26
But regardless of coinhive, there are some safe web miners that don't run malware content, like coinimp it's script can't be detected as a threat by any of the anti-viruses and ad blockers. The CPU Usage can also be adjustable to a lower percentage They use a slider to set Such CPU threshold in their script, thus not affecting your hardware.
FYI, coinimp is blocked by Anti-WebMiner, here

https://raw.githubusercontent.com/greatis/Anti-WebMiner/master/blacklist.txt
 

Opcode

Level 28
Content Creator
Joined
Aug 17, 2017
Messages
1,733
#28
Cash is far more anonymous. Nothing is anon under blockchain.
I never said it was anonymous. I said it was more anonymous, and it is compared to normal currencies online. This is why ransomware developers use crypto-currency like Bitcoin, or probably more preferred, Monero. Over PayPal or bank transfers. Prepaid credit cards were too much hassle.

Then you have crypto-currency tumbling...

Zcash is another one.
 

rayber01

New Member
Joined
Dec 23, 2017
Messages
1
OS
Windows 10
Antivirus
Malwarebytes
#29
I would like to highlight that I am using Coinimp services at CoinImp – Monero JavaScript Miningand i would like to say that i don't considere such service like intrusive because they provides a lot of settings for javascript miner like throttle settings which allows us to set the speed we want for that miner, and whether we select a smooth speed then we won't overuse visitor power but whether we select high speed then the intrusives would be "the webmasters" instead the web miner.