The Internet Is Ripe With In-Browser Miners and It's Getting Worse Each Day

Angole

Angole

New Member
Dec 22, 2017
1
But regardless of coinhive, there are some safe web miners that don't run malware content, like coinimp it's script can't be detected as a threat by any of the anti-viruses and ad blockers. The CPU Usage can also be adjustable to a lower percentage They use a slider to set Such CPU threshold in their script, thus not affecting your hardware.
 
Last edited:
  • Like
Reactions: HarborFront
H

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,142
antreas said:
I use GitHub - greatis/Anti-WebMiner: Anti-WebMiner protects your PC against web cryptocurrency miners (JS scripts like Coinhive executed in the browser) by modifying Windows hosts file and No Coin extension to know which websites use miners with No coin.
Click to expand...
One disadvantage though there's no auto updating of mining domains....where got the time to do manual update?

Quote from below
You do need to revisit the page regularly however to pick up new mining domains and changes to existing ones.
Click to expand...
Block mining scripts with Anti-WebMiner for Windows - gHacks Tech News

:rolleyes:

Using extensions is more convenient and, nowadays, many AVs also can detect/block miners
 
Last edited:
  • Like
Reactions: TairikuOkami
D

Deleted member 65228

Angole said:
But regardless of coinhive, there are some safe web miners that don't run malware content, like coinimp it's script can't be detected as a threat by any of the anti-viruses and ad blockers. The CPU Usage can also be adjustable to a lower percentage They use a slider to set Such CPU threshold in their script, thus not affecting your hardware.
Click to expand...
Any crypto-currency miner (which uses resources of the users system) which is being ran without the user being aware, is automatically "malicious" in my opinion. The malicious intent stems from the action of doing things the user is not aware is being done (e.g. eating up their resources, mining crypto-currency), or distracting them with a service which is deceiving because in reality their resources are being used without them being aware to generate income to the authors.

There's also crypto-currency malware which is Win32 based. You download and run -> now you are infected with a crypto-currency miner which will... mine crypto-currency. Eats up your resources.

This doesn't mean that crypto-currency mining is malicious in itself; it depends on how it is used. If the user agree's to allow crypto-currency mining in exchange for free usage of a service, then they are aware of it and it is perfectly genuine (their decision and they don't mind it). Whereas, if you visit a website which starts deploying scripts to mine crypto-currency, or feeds you a download to desktop-based crypto-currency mining without you being aware of any of it (or the download behaving in a deceiving manner to make you think it is something it isn't - which is what a Trojan is), then it is malicious in my opinion.
 
  • Like
Reactions: Arequire, upnorth, Sunshine-boy and 1 other person
TairikuOkami

TairikuOkami

Level 37
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,641
HarborFront said:
Using extensions is more convenient and
Click to expand...
Indeed I expect some of them to popup. I would really like, if someone created filters, which could be added to adblocker extensions, like to adguard/uBlock.

HarborFront said:
and, nowadays, many AVs also can detect/block miners
Click to expand...
I was just crawling through Avast forum and Avast says, that they do not block conhive scripts, because they are not malicious. Once the webpage is closed, it is gone.
 
  • Like
Reactions: upnorth and amico81
H

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,142
TairikuOkami said:
Indeed I expect some of them to popup. I would really like, if someone created filters, which could be added to adblocker extensions, like to adguard/uBlock.


I was just crawling through Avast forum and Avast says, that they do not block conhive scripts, because they are not malicious. Once the webpage is closed, it is gone.
Click to expand...
I just combined the miner blacklist (v1.24) from

https://raw.githubusercontent.com/greatis/Anti-WebMiner/master/blacklist.txt

with Chrome extension, minerBlock v1.1 default blacklist and FF Quantum extension, NoMiner's default blacklist v0.1.1

to make a super blacklist and added to FF Quantum extension, NoMiner

As for Chrome extension, minerBlock, I have FF's NoMiner and Anti-WebMiner's blacklists added to it.

All duplicates removed.
 
Last edited:
  • Like
Reactions: TairikuOkami and harlan4096
H

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,142
Angole said:
But regardless of coinhive, there are some safe web miners that don't run malware content, like coinimp it's script can't be detected as a threat by any of the anti-viruses and ad blockers. The CPU Usage can also be adjustable to a lower percentage They use a slider to set Such CPU threshold in their script, thus not affecting your hardware.
Click to expand...
FYI, coinimp is blocked by Anti-WebMiner, here

https://raw.githubusercontent.com/greatis/Anti-WebMiner/master/blacklist.txt
 
D

Deleted member 65228

Telos said:
Cash is far more anonymous. Nothing is anon under blockchain.
Click to expand...
I never said it was anonymous. I said it was more anonymous, and it is compared to normal currencies online. This is why ransomware developers use crypto-currency like Bitcoin, or probably more preferred, Monero. Over PayPal or bank transfers. Prepaid credit cards were too much hassle.

Then you have crypto-currency tumbling...

Zcash is another one.
 
  • Like
Reactions: codswollip and upnorth
rayber01

rayber01

New Member
Dec 23, 2017
1
I would like to highlight that I am using Coinimp services at CoinImp – Monero JavaScript Miningand i would like to say that i don't considere such service like intrusive because they provides a lot of settings for javascript miner like throttle settings which allows us to set the speed we want for that miner, and whether we select a smooth speed then we won't overuse visitor power but whether we select high speed then the intrusives would be "the webmasters" instead the web miner.
 
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Wow
    • HaHa
    • +Reputation
A.I. News Apple will not launch its Apple Intelligence and other iOS 18 updates in the EU this year
Replies
2
Views
593
Technology News
Marko :)
Marko :)
Gandalf_The_Grey
    • Like
    • Applause
30 years ago this month, the Mosaic web browser officially launched and changed the world
Replies
4
Views
948
News Archive
simmerskool
simmerskool
Gandalf_The_Grey
    • Applause
    • Like
    • Thanks
New Update iPadOS 18 to Enable Alternative App Stores and Browser Engines in the EU
Replies
0
Views
221
macOS, iOS & iPadOS
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top