For many years, cyber criminals used the "cryptocurrency mining"(Extraction of cryptosmongers), making profits. Primarily, they were using malware or potentially unwanted applications that were installed on the victim's device. Currently, researchers of ESET have analyzed a special case mining of cryptocurrencies, executed directly on browser through one JavaScript.
Knowing that the default settings of most browser have been enabled JavaScript, cyber criminals just introduced it script for mining on sites with high traffic.
«When someone is targeting a large number of victims, it is easier to reach them by infecting websites rather than directly Appliances their. In this particular case, cybercriminals introduced the script on sites with high traffic, affecting mainly users in Russia, Ukraine, Belarus, Moldova and Kazakhstan» he explains ο Matthew Faou, Malware Researcher of ESET.
With the aim of "extracting" Feathercoin, Litecoin and Monero, cybercriminals introduced malicious JavaScript to sites that users visit to do streaming video and play online παιχνίδια. Στους συγκεκριμένους ιστότοπους οι χρήστες παραμένουν για μεγαλύτερο χρονικό space in the same by clicking here, which gives the opportunity to script "Mining" to run for longer and to use more power than the system.
"This method mining is less effective, as it is 1,5 to 2 times slower compared to mining with the regular software, but it is offset by the largest number of users that it affects, "he adds Faou.
Some regulators believe that existence mining for cryptocurrencies a user's device, without his consent, is just as serious as gaining access to their computer. Thus, developers of such services should clearly state this before starting the process mining, κάτι που προφανώς δεν συμβαίνει σε ένα σχήμα που χρησιμοποιεί μεθόδους malvertising.
Ο Matthew Faou gives some tips to protect users against this threat:
· Enable tracking mode for "Potentially Unsafe Applications end Potentially Unwanted Applications (PUA) "Solutions ESET Internet Security/ESET NOD32 Antivirus/ESET Smart Security Premium. Follow the instructions to install it yourself here.
· Keep your Internet security solution up to date. Here you can check if you have the latest solutions updates ESET for Windows for home users.
· Install an application ad blocker to / on browser which you use like this uBlock.
· In addition, you can install an application script blocker As the NoScript. Please note that the installation one script blocker at browser may disable some features on some sites.
For more details about cryptocurrency websites mining, visit the homonymous article Cryptocurrency websites mining: in union there is profit on WeLiveSecurity.com
