ESET, a global leader in cybersecurity, has discovered a new tactic being used by cybercriminals to profiteer through the mining of cryptocurrencies on the web.
By using malware or potentially unwanted applications installed on the victim’s machine, cybercriminals have for several years taken advantage of cryptocurrency mining in order to realise a profit.
Now, ESET researchers have successfully analysed a special case of mining of cryptocurrencies – done directly within a user’s web browser using JavaScript.
Knowing that the default settings of most browsers include activated JavaScript, attackers can simply insert the mining script in websites such as video streaming, gaming and news sites that receive large amounts of traffic.
“It is easier to reach a significant number of victims by infecting websites than it is by infecting users’ machines. In this case, attackers were injecting scripts in high-traffic websites impacting mostly Russian, Ukrainian, Belarusian, Moldavian and Kazakh users,” explains Matthieu Faou, Malware Researcher at ESET.
To mine Feathercoin, Litecoin and Monero, attackers injected malicious JavaScript into video streaming and in-browser gaming websites, since their users tend to spend more time on the same webpage, which allowed the mining scripts to run longer and use more computing power.
“Although this method of mining is 1.5 to 2 times slower when compared to crypto coin mining with regular software, it is counterbalanced by the potentially higher number of impacted users,” added Faou.
Some regulatory bodies consider mining cryptocurrencies on a user’s machine without consent equivalent to gaining access to the computer. Thus, developers of such services are expected to advertise it clearly before starting mining, but which rarely happens in these types of distribution scheme using malvertising.
ALSO SEE: ESET discovers new threat targeting gamers
To protect oneself against this kind of threat, ESET advices that users should enable detection of Potentially Unsafe Applications and Potentially Unwanted Applications (PUA) in ESET Internet Security, ESET NOD32 Antivirus and ESET Smart Security Premium solutions while also running regular updates.
One can also consider installing their preferred Ad blocker in their browsers. Additionally, one can also install a script blocker in their browser but which could however disable some websites functionalities.
Leave a comment