Our tests were conducted using the latest version of the Google Chrome browser. However, we have come across a technique that allows dubious website owners or attackers that have compromised sites to keep mining for Monero even after the browser window is closed. Indeed, when users close their browser, the cryptomining activity will also stop, thereby cutting out the perpetrators’ profit. One of the major drawbacks of web-based cryptomining we mentioned in our paper was its ephemeral nature compared to persistent malware that can run a miner for as long as the computer remains infected. Servers continue to get hacked with mining code, and plugins get hijacked and affect hundreds or even thousands of sites at once. Since our last blog on drive-by cryptomining, we are witnessing more and more cases of abuse involving the infamous Coinhive service that allows websites to use their visitors to mine the Monero cryptocurrency.
0 Comments
Leave a Reply. |