A couple of months ago, a new threat called “Cryptojacking” was on the rise. It is basically hijacking your web browser so that the exploiter can use your device to mine cryptocurrency when you visit an infected website. Both PC and Mobile devices has been reported to be vulnerable to this exploit.
A prominent torrent website, The Pirate Bay, was one of the websites identified using Cryptojacking.
“This is only a test. We really want to get rid of all the ads. But we also need enough money to keep the site running,” says The Pirate Bay.
“Let us know what you think in the comments. Do you want ads or do you want to give away a few of your CPU cycles every time you visit the site?”
But unfortunately, that is not the case anymore because some websites have discovered a new technique to keep their cryptocurrenty mining software running in the background even when you close the offending browser window.
Security researchers from Malwarebytes, a well known anti-malware provider, have posted a blog post how this technique works.
Basically, the infected site opens a hidden pop-up browser window that fits beind the task bar and hides behind the clock on your Microsoft’s Windows Computer.
Hidden from your view, the website will run the crypto-miner code and will eat up your CPU cycles unless you notice the window and close it.
It is a lot harder to identify and it can bypass most ad-blockers according to the reports.
Here are some techniques to counter these hidden cryptocurrency miners
- if your CPU is having higher usage than usual, kill any suspicious looking browser windows in your taskbar.
- check your system processes from the Task Manager for remnants of any browser process and simply kill them.
- Use antivirus software that automatically blocks cryptocurrency miners on web pages you visit. Unfortunately, Windows Defender is not capable of doing this. Sophos Home is a good AV that blocks malicious scripts from websites.
- There is a web browser extension called No Coin that blocks cryptocurrency miners. but i have not tested this personally.