For many years, cyber criminals used the "cryptocurrency mining"(Extraction of cryptosmongers), making profits. Primarily, they were using malware or potentially unwanted apps installed on the victim's device. Currently, her researchers ESET have analyzed a special case mining of cryptocurrencies, executed directly on browser through one JavaScript.
Knowing that the defaults settings of most browser have been enabled JavaScript, cyber criminals just introduced it script for mining on sites with high traffic.
«When someone targets a large number of victims, it is easier to reach them by infecting sites than their devices directly. In this case, cybercriminals introduced it script on sites with high traffic, affecting mainly users in Russia, Ukraine, Belarus, Moldova and Kazakhstan» he explains ο Matthew Faou, Malware Researcher of ESET.
With the aim of "extracting" Feathercoin, Litecoin and Monero, cybercriminals introduced malicious JavaScript to sites that users visit to do streaming video and play online games. On specific sites, users stay for longer on the same site, which gives the opportunity to script "Mining" to run for longer and to use more power than the system.
"This method mining is less effective, as it is 1,5 to 2 times slower compared to mining with the regular software, but it is offset by the largest number of users that it affects, "he adds Faou.
Some regulators believe that existence mining for cryptocurrencies on a user's device, without his consent, is just as serious as the acquisition accessς στον υπολογιστή τους. Έτσι, οι προγραμματιστές τέτοιων υπηρεσιών θα πρέπει να το αναφέρουν με σαφήνεια πριν ξεκινήσουν τη procedure mining, which obviously does not happen in a format that uses malvertising methods.
Ο Matthew Faou gives some tips to protect users against this threat:
· Enable tracking mode for "Potentially Unsafe Applications end Potentially Unwanted Applications (PUA) "Solutions ESET Internet Security/ESET NOD32 Antivirus/ESET Smart Security Premium. Follow the instructions to install it yourself here.
· Keep your Internet security solution up to date. Here you can check if you have the latest solutions updates ESET for Windows for home users.
· Install an application ad blocker to / on browser which you use like this uBlock.
· In addition, you can install an application script blocker As the NoScript. Keep in mind that installing one script blocker at browser may disable some features on some sites.
For more details about cryptocurrency websites mining, visit the homonymous article Cryptocurrency websites mining: in union there is profit on WeLiveSecurity.com
