Slashdot Mirror
First Ever Malvertising Campaign Uses JavaScript To Mine Cryptocurrencies In Your Browser (bleepingcomputer.com)
An anonymous reader writes from a report via Bleeping Computer: Malware authors are using JavaScript code delivered via malvertising campaigns to mine different cryptocurrencies inside people's browsers (mostly Monero), without their knowledge. The way crooks pulled this off was by using an online advertising company that allows them to deploy ads with custom JavaScript code. The JavaScript code is a modified version of MineCrunch (also known as Web Miner), a script released in 2014 that can mine cryptocurrencies using JavaScript code executed inside the browser. Cryptocurrency mining operations are notoriously resource-intensive and tend to slow down a user's computer. To avoid raising suspicion, crooks delivered malicious ads mainly on video streaming and browser-based gaming sites (currently mostly Ukrainian and Russian sites). Both types of sites use lots of resources, and users wouldn't get suspicious when their computer slowed down while accessing the site. Furthermore, users tend to linger more on browser games and video streaming services, allowing the mining script to do its job and generate profits for the crooks.
They just use resources which would have been wasted.
So this doesn't affect me.
Genius.
Despite being one of the causes of adblocker proliferation it's a nice change from the usual destructive malware in ads.
Must admit I've never really understood why advertising companies allow advertisers to run potentially unsafe code via their network. Surely it reflects badly on them and I'm too ignorant to understand the need for custom code with an advert.
Yet another excellent reason not to allow javascript. Javascript is cancer of the internt.
Right... I saw this on Hacker News the other day: A Crypto Miner for Your Website. Of course, my mind is clean, didn't think about all the abuse it could cause.
They want you to mine Basic Attention Tokens in your browser as an alternative to ads.
My laptop is so pathetic I'm wasting their time.
Apple's WebGPU means they can use GPUs to mine in the browser, not just CPUs. I expect a massive botnet of GPU miners to emerge in the future.
Why can't websites replace adverts with this, working for them?
That seems like a perfect way to get micro-transactions in a website without any micro-transaction having to occur, and it scales with time spent on the website.
Micropayments have never caught on because they're a pain to deal with. People might be willing to spend some of their CPU time though. They don't object too much to doing the millions of operations required for a few seconds of video (the objection is more the annoyance of the video itself)
I suspect CPU time is not valuable enough to make this sort of thing viable but maybe I'm wrong.
I'm surprised these scripts weren't already embedded everywhere
Why not write the mining and phone-home routines directly into the games that people are playing? It would probably improve efficiency considerably, and somewhere in the EULA it can be noted that the game is working on a distributed computing project in the background as the 'fee' for using their otherwise free game.
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
What advertising network? They should be known, publicly shamed, and every website operator should know not to do business with them.
Honestly, I wish there was a way for me to report an ad that's violating browser rules. I hate when I go to a real newspaper site that uses ads, and I get served an ad that takes over the whole window, hiding stuff behind, but there's no way for me, on my phone / tablet, to know who served the ad or report the ad placement. Makes me want to block all ads everywhere on my personal devices and networks, but THAT comes with issues because many sites and even many mobile apps refuse to function if they can't talk to the ad networks and/or Google/Adobe/etc..
. Define sqrt(x) as something really evil like (x / rand()), and bury it deep. Watch your coworkers go nuts.
Except it doesn't stop your ads and spam. 3 seconds after you manage to block a site another will just pop up because blacklisting is ineffective and easily circumvented. You offer kid sister level of security, nothing more. No go beat off to some conspiracy theory videos on youtube and complain about spooky dude and the jews some more.
I read "...mine different cryptocurrencies inside people's browsers (mostly Monero),..." and was like what's this new browser Monero that so many people are using that it's worth focusing malware on?
Maybe it could have been written better as: "...mine different cryptocurrencies (mostly Monero) inside people's browsers,..."
-Styopa
Malwarebytes hpHosts' hosts/RECOMMENDS me!
Aryeh Goretsky/ESET/NOD32: hosts = good security http://it.slashdot.org/comments.pl?sid=7442373&cid=49747129/
Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/columnists/491/ "Host file accessing the Internet - particularly browsing the Web - is actually faster... Spybot Search & Destroy offer lists of known malicious servers to add a layer of defense against trojans & other forms of malware"
OReilly hosts security -> http://oreilly.com/pub/a/windows/2004/03/30/hosts.html/ & hosts speed -> http://www.oreillynet.com/pub/a/network/excerpt/winxphacks_chap1/index1.html?page=3/
Steve Gibson endorses hosts https://www.grc.com/sn/sn-045.htm/
Brocke Wilders of WILDERS' SECURITY does inferior clone of MY work http://www.wilderssecurity.com/threads/hosts-block.378901/
APK
P.S.=> China = imitation = flattery http://www.theregister.co.uk/2017/04/26/boffins_supercharge_the_hosts_file_to_save_users_plagued_by_dns_outages/
I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell
his hosts program is actually pretty good by xenotransplant
his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg
(APK's) work, I've flat out said it's good by BronsCon
I've tried his hosts file generating software. It works by bmo
APK your posts on this & the hosts file posts, and more, have never been in error &/or bad advice by BlueStrat
Your premise that hostfiles are a good way to deal with advertising & malvertising is quite valid by JazzLad
I like your host file system by Karmashock
(NEED MORE? Ask!)
* It's recommended/hosted by Malwarebytes' hpHosts!
APK
P.S.=> See subject: Security & web pros do also https://developers.slashdot.org/comments.pl?sid=11116543&cid=55203625/ ... apk
The other thing to keep an eye on these days are WebSockets, I would be surprised if this JS BS incorporates that now or the near future. There don't appear to be memory limitations to WebSockets either.
Better vs. NoScript (block script sources before tag parses) APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/
Ads/script/malware rob speed/security/privacy/bandwidth.
Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).
Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!
Avoids DNSChangers in routers/IP settings & dns redirect (99.999% of ISP DNS != patched vs. it) + DNS requestlog tracking & lighten DNS load & resolve faster from local system RAM!
* Via what u NATIVELY have in a FASTER kernelmode IP stack!
APK
P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/
Http://wowhead.com has been doing this for over a year on their non mobile site. People are just realizing sites can do this now.