Stealth Cryptocurrency Mining Sites Can Now Run Even After You Close Your Browser
Overheen the last two months, wij’ve seen a rapid proliferation of websites that mine cryptocurrencies while users visit. While some of the guilty sites are less reputable, wij’ve also seen this behavior from companies like Showtime (which may or may not qualify spil “less reputable,” depending on your point of view). The idea of end-users generating income for the sites they visit by mining cryptocurrencies spil opposed to being klapper with ads has some interesting features to recommend it, tho’ it also raises some concerns and issues about how such funding would be monitored or managed to ensure systems remained responsive and different sites and browsers didn’t slug it out for resources, with users left te the lurch. Bad actors are on track to kill the concept before it everzwijn gets a real test wiggle, thanks to enhanced adoption of malware-like tactics.
One of the major flaws with cryptocurrency mining via browser session is that the session finishes spil soon spil you close the window. Most people don’t sit on websites all day, or even for an hour. Instead, they visit, read or witness their preferred content, and then stir on. If you’re attempting to deploy browser-based mining spil an above-board way to fund a webpagina, that’s not an unfair screenplay. If you’re attempting to exploit people, it’s a bummer. After all, once they leave, they aren’t making you any money.
Spil Malwarebytes details, black hats have found a solution to this. When you very first visit a webpagina, it creates a pop-under window sized to getraind inwards the taskbar and behind the clock. If you have your taskbar set to be semitransparent, you can still see the little window ter some cases. If not, resizing the taskbar will speelpop it into view, spil shown ter the Vergif below.
Here’s how Malwarebytes describes the code:
The pop-under window (elthamely[.]com) is launched by the Ad Maven ad network (see previous postbode about bypassing adblockers), which te turn fountains resources from Amazon (cloudfront[.]netwerk). This is not the very first cryptominer being hosted on AWS, but this one does things a little bit differently by retrieving a payload from yet another domain (hatevery.informatie).
This code attempts to keep you from picking up that it’s running, so it thresholds itself to just 50 procent of the CPU. That’s not enough to hide itself on a dual-core system if you’re paying attention, but basic desktop workloads wouldn’t necessarily seem off on a quad-core or higher system.
Bad actors like this make it that much firmer for any kleintje of legitimate mining revenue system to everzwijn launch or win widespread acceptance. And since ad blockers will inevitably add defenses against this kleuter of intrusion (spil well they should), it makes it that much tighter to see an upside to cryptocurrency mining spil a legitimate source of revenue at all.
Postbode a Comment Comment
Subscribe Today to get the latest ExtremeTech news delivered right to your inbox.
- Google Is Killing its Tango Augmented Reality PlatformDec 16
- Sony’s PS4 Still Outsold Microsoft ter November, Despite the Xbox One XDec 15
- ET Deals Roundup: Last Chance Verzekeringspremie $50 off PS4 Voor with Trade-in, Free Bear with $100 Amazon Bounty Card, and moreDec 15
- SpaceX Launches Reused Falcon 9 and Dragon Capsule to Resupply ISSDec 15
- WeBoost Drive Sleek Review: Cellular Signal Booster Helps te Remote AreasDec 15
- More From Ziff Davis:
- Laptop Shopper
- Everyday Health
- What to Expect
- RSS Feeds
- Accessibility Statement
ExtremeTech is among the federally registered trademarks of
Ziff Davis, LLC and may not be used by third parties without explicit permission.