New drive-by cryptocurrency miners keep running even after you close your browser

midian182


The price of Bitcoin may have suddenly dropped by almost $2000 after passing the $11,000 milestone yesterday, but it’s since regained some ground and is currently worth just under $10,500. These high prices are partly why drive-by cryptomining—a practice that uses the CPUs of website visitors to mine cryptocurrencies—is becoming popular. But researchers have discovered an even more sinister element to these techniques: the sites can continue utilizing other people’s hardware even after they’ve closed their web browsers.

The Pirate Bay—the world’s most popular torrent site—was caught using a JavaScript-based Monero miner embedded in the site’s footer back in September. Although the miner’s provider, Coinhive, says this is a legitimate service, it does not endorse sites that use it without first informing visitors.

The Pirate Bay said the miner was just a test and it has now been removed. Since then, the same system has been found on websites belonging to Showtime and Politifact. Whether this was the work of the companies themselves or hackers is still unclear.

Having your CPU usage spike when visiting certain websites is definitely annoying, to say the least, but visitors can always just leave the page to stop the drive-by mining. However, a blog post from Malwarebytes Labs yesterday revealed that some sites could keep the software running in the background after users close their browsers.

The system works by opening a pop-under window that’s slotted behind the Windows taskbar and hides under the clock. It will remain hidden from view indefinitely and keeps mining Monero until a user takes action to close it.

The pop-under window is launched by the Ad Maven ad network, which in turn runs a cryptominer hosted by Amazon Web Services.

CPU usage rises above 50 percent while the window is open, but the code has been designed to ensure the processor isn’t maxed out, thereby reducing the chance of a user noticing something wrong.

The technique works on the latest version of Chrome running on the latest versions of Windows 7 and Windows 10. Users are advised to check their browser icon in the taskbar, which will be highlighted if a window is running. Alternatively, run Task Manager to ensure there are no suspicious extra browser processes.

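The taskbar check recommended above can be scripted. The following PowerShell is an added example, not code from the article or from Malwarebytes Labs; the browser process list and the 10% on-screen threshold are assumptions to adjust.

```powershell
# Added example, not from the article: list visible browser windows that lie
# almost entirely outside the desktop work area (for instance behind the taskbar).
Add-Type -AssemblyName System.Windows.Forms
Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public static class WinApi {
    [StructLayout(LayoutKind.Sequential)]
    public struct RECT { public int Left, Top, Right, Bottom; }
    public delegate bool EnumWindowsProc(IntPtr hWnd, IntPtr lParam);
    [DllImport("user32.dll")] public static extern bool EnumWindows(EnumWindowsProc cb, IntPtr lParam);
    [DllImport("user32.dll")] public static extern bool IsWindowVisible(IntPtr hWnd);
    [DllImport("user32.dll")] public static extern bool IsIconic(IntPtr hWnd);
    [DllImport("user32.dll")] public static extern bool GetWindowRect(IntPtr hWnd, out RECT rect);
    [DllImport("user32.dll")] public static extern uint GetWindowThreadProcessId(IntPtr hWnd, out uint procId);
}
"@

$browserNames = 'chrome', 'firefox', 'msedge', 'iexplore'  # assumption: browsers to check
$minOnScreen  = 0.10   # assumption: flag windows with under 10% of their area on-screen
$workAreas    = [System.Windows.Forms.Screen]::AllScreens | ForEach-Object { $_.WorkingArea }
$findings     = New-Object System.Collections.Generic.List[object]

$callback = [WinApi+EnumWindowsProc] {
    param($hWnd, $lParam)
    # Minimized windows are parked off-screen by Windows itself, so skip them.
    if ([WinApi]::IsWindowVisible($hWnd) -and -not [WinApi]::IsIconic($hWnd)) {
        [uint32]$ownerId = 0
        [void][WinApi]::GetWindowThreadProcessId($hWnd, [ref]$ownerId)
        $proc = Get-Process -Id $ownerId -ErrorAction SilentlyContinue
        $r = New-Object 'WinApi+RECT'
        if ($proc -and $browserNames -contains $proc.ProcessName -and
            [WinApi]::GetWindowRect($hWnd, [ref]$r)) {
            $total = ($r.Right - $r.Left) * ($r.Bottom - $r.Top)
            $shown = 0
            foreach ($wa in $workAreas) {   # sum the overlap with each monitor's work area
                $w = [Math]::Min($r.Right, $wa.Right) - [Math]::Max($r.Left, $wa.Left)
                $h = [Math]::Min($r.Bottom, $wa.Bottom) - [Math]::Max($r.Top, $wa.Top)
                if ($w -gt 0 -and $h -gt 0) { $shown += $w * $h }
            }
            if ($total -gt 0 -and ($shown / $total) -lt $minOnScreen) {
                $findings.Add([pscustomobject]@{ ProcessName = $proc.ProcessName; Id = $proc.Id
                    Left = $r.Left; Top = $r.Top; OnScreen = [Math]::Round($shown / $total, 2) })
            }
        }
    }
    $true   # keep enumerating
}
[void][WinApi]::EnumWindows($callback, [IntPtr]::Zero)
$findings | Format-Table -AutoSize
```

An empty table means no browser window is hiding outside the work area; any row is a window worth bringing to the foreground and inspecting before closing it.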

 
This was posted on Ars yesterday.... I'm kind of shocked that it's not more prevalent... it's one thing spreading malicious malware... but the ideal kind of "malicious hacking" ought to be profitable - I'm sure legitimate companies will be attempting to find ways to coopt their customers into mining coins for them soon enough...

How long until your mobile phone is mining coins while it's charging at night - or your cable box while you sleep?
 
This is why mining should be banned period. There is no way of controlling the people who will take advantage of it.
 
Chrome, huh? I have avoided Chrome since it is associated with gagme and I simply do not trust gagme to not be monitoring me all the time when using chrome even if I tell it not to. Unless I am given an exceptional reason, I will never use chrome and this makes me even more glad that I have avoided it.

I have to wonder if this does affect the usage of other browsers.

Is there a domain that can be blocked by ad/script blockers?
This is why mining should be banned period. There is no way of controlling the people who will take advantage of it.
I agree there are some compelling reasons to ban mining altogether. I disagree in that doing so would be a heavy-handed approach. Such an approach might affect those who do not engage in such tactics, and, as I see it, that would be unfair to them. Even if mining were banned, the people who are engaging in these tactics would likely still do so, IMO.

As I see it, these stealth mining tactics directly compare to viruses and/or security holes. If gagme wants any credibility, they should find a way to block this in chrome, and other browsers should also find a way to block these exploits, too.
I'm sure legitimate companies will be attempting to find ways to coopt their customers into mining coins for them soon enough...
As I see it, that would then take those legitimate companies into the realm of illegitimacy, or at the least, it would degrade any reputation of integrity that the company may have. This would be a big risk for them because a sullied reputation ultimately hurts a company. I am not saying it cannot or will not happen - just that if it does, a legitimate company is taking a big risk. So far, it sounds like only entities whose reputation is questionable to begin with have engaged in the practice - especially as regards to disclosure of the tactic or attempting to hide it on an end user's machine.
 
3 reasons why I'm not worried.

1. I use Firefox Quantum with Adblock Plus installed.
2. I have ad blocking done at the router level.
3. I'm not some noob; I would notice the CPU usage spike. It wouldn't be a huge deal on my rig since I have a 6 core CPU.
 
I agree there are some compelling reasons to ban mining altogether. I disagree in that doing so would be a heavy-handed approach. Such an approach might affect those who do not engage in such tactics, and, as I see it, that would be unfair to them. Even if mining were banned, the people who are engaging in these tactics would likely still do so, IMO.
I might change my mind if you could explain why so much processing power is needed in the first place. Currently I can only see it as a huge waste of energy. And when these tactics are used it becomes malware in the form of a botnet. Both of which are bad for the end user's machine. And that is on top of everyone wasting energy for what exactly?

If my machine is going to process transactions, I want a bigger cut for the transactions. At least enough to cover the cost of electricity used in processing the transaction. I can guarantee anyone that mines is only making someone else richer. The whole concept is a gambling ponzi scheme, which should not be allowed at all.
 
3 reasons why I'm not worried.

1. I use Firefox Quantum with Adblock Plus installed. AD Block+ has been known to white list paying customers, so switch to uBlock Origin.

2. I have ad blocking done at the router level. Good for you; not all routers support that, although you can use OpenDNS to perform ad blocking at the DNS level.

3. I'm not some noob; I would have noticed the CPU usage spike. It wouldn't be a huge deal on my rig since I'm on a 6 core CPU. A six core CPU just means they'll mine more on your PC than on a 4 core based system; likewise with an 8 core CPU they'll just spread it out and use more cores and cycles to mine.
 
I might change my mind if you could explain why so much processing power is needed in the first place. Currently I can only see it as a huge waste of energy. And when these tactics are used it becomes malware in the form of a botnet. Both of which are bad for the end user's machine. And that is on top of everyone wasting energy for what exactly?

If my machine is going to process transactions, I want a bigger cut for the transactions. At least enough to cover the cost of electricity used in processing the transaction. I can guarantee anyone that mines is only making someone else richer. The whole concept is a gambling ponzi scheme, which should not be allowed at all.
The energy use of mining is my biggest concern, too, and I will not try to defend it.

That said, a simple answer to why it takes so much energy to mine bitcoin is that as time goes on, the calculations get more complex, and every time you make a calculation, you must ensure that it is correct. Apparently, ensuring that the calculation is correct is the most energy intensive part since it sounds like it is prone to error. It sounds like almost every calculation made is incorrect except for the, as time goes on, statistically more rare good result. There is a good article on it at this link that covers the energy consumption and better explains why it takes so much energy to do the calculations. https://spectrum.ieee.org/energy/policy/the-ridiculous-amount-of-energy-it-takes-to-run-bitcoin

I will note that there are people aware of the energy consumption issue and there are efforts to make the calculations more efficient and less energy intensive.
 
Chrome users should add the Antiminer extension. The biggest player is the biggest target.
 
If you have a phone that's Android 7+ based then you should have a built-in blocker and the ability to report the numbers as well; at least my Samsung Galaxy J2 Pro running Android 7.1.1 does.
 