Cryptocurrency Mining scripts will still run on the background even when you close your browser

A couple of months ago, a new threat called “Cryptojacking” was on the rise. It is basically hijacking your web browser so that the exploiter can use your device to mine cryptocurrency when you visit an infected website. Both PC and Mobile devices has been reported to be vulnerable to this exploit.

A prominent torrent website, The Pirate Bay, was one of the websites identified using Cryptojacking.

“This is only a test. We really want to get rid of all the ads. But we also need enough money to keep the site running,” says The Pirate Bay.

“Let us know what you think in the comments. Do you want ads or do you want to give away a few of your CPU cycles every time you visit the site?”

Since the recent surge in cryptocurrency prices, legitimate websites and hackers have also increased the use of these JavaScript based cryptocurrency miners so that they can use your processor and associated resources as long as you’re on their site. They lose access to your PC when you close the browser window.

But unfortunately, that is not the case anymore because some websites have discovered a new technique to keep their cryptocurrenty mining software running in the background even when you close the offending browser window.

Security researchers from Malwarebytes, a well known anti-malware provider, have  posted a blog post how this technique works.

Basically, the infected site opens a hidden pop-up browser window that fits beind the task bar and hides behind the clock on your Microsoft’s Windows Computer.

Hidden from your view, the website will run the crypto-miner code and will eat up your CPU cycles unless you notice the window and close it.

It is a lot harder to identify and it can bypass most ad-blockers according to the reports.

Here are some techniques to counter these hidden cryptocurrency miners

  • if your CPU is having higher usage than usual, kill any suspicious looking browser windows in your taskbar.
  • check your system processes from the Task Manager for remnants of any browser  process and simply kill them.
  • Use antivirus software that automatically blocks cryptocurrency miners on web pages you visit. Unfortunately, Windows Defender is not capable of doing this. Sophos Home is a good AV that blocks malicious scripts from websites.
  • There is a web browser extension called No Coin that blocks cryptocurrency miners. but i have not tested this personally.

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s