Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • HACKING
  • SLOT
  • CASINO
  • SUBMIT
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • HACKING
  • SLOT
  • CASINO
  • SUBMIT
Crypto Flexs
Home»HACKING NEWS»Staying safe in the age of browser-based cryptocurrency mining
HACKING NEWS

Staying safe in the age of browser-based cryptocurrency mining

By Crypto FlexsNovember 25, 20234 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Staying safe in the age of browser-based cryptocurrency mining
Share
Facebook Twitter LinkedIn Pinterest Email

Qualys Malware Research Labs announced the release of the Qualys BrowserCheck CoinBlocker Chrome extension to detect and block browser-based cryptocurrency mining. Cryptojacking.

Cryptojacking

Cryptojacking attacks leverage the resources of the victim’s system through malicious JavaScript to mine specific cryptocurrencies. Attackers carry out these attacks by infecting popular sites with JavaScript that enables cryptojacking. Every visitor to these sites downloads JavaScript and unknowingly provides system resources to mine cryptocurrency, which adds to the attacker’s wallet. The resource-intensive mining process is performed on the victim’s system and typically consumes more than 70% of the CPU, which can slow down system performance, increase power consumption, and cause permanent damage to the system.

Cryptojacking is very profitable because it helps attackers obtain cryptocurrency without spending a single penny on mining infrastructure. The overall cryptocurrency market cap has reached over $270 billion as of July 2018 with over 1,700 active projects! Attackers who leverage these projects can make a lot of money, and cryptocurrency mining is gradually moving to center stage in the threat landscape, making it a much more attractive option compared to the recently favored ransomware campaigns.

Cryptojacking has also recently become mainstream. Because it is safer from cybercriminals and webmasters than ransomware. Ransomware requires interaction with the victim to receive payment. And because cryptojacking is browser-based, it is easier to infect victims than to hack a server. Over time, as cryptocurrency mining becomes more resource-intensive in terms of computing power and power consumption, stealing these resources becomes increasingly attractive to attackers.

Cryptojacking and Monero

Monero (XMR), a relatively new cryptocurrency, is becoming a common target for cryptojackers because its mining algorithm (CryptoNight) is designed to be easily integrated, and its privacy and anonymity features also benefit hackers. Monero’s proof-of-work mining algorithm can be used with desktop or server-grade CPUs rather than the custom, specialized ASIC or GPU hardware required by traditional coin mining algorithms. This is an important aspect of the next generation of cryptocurrencies as it attempts to decentralize them and prevent mining monopolies from being created by a small number of users with access to specialized hardware. From an attacker’s perspective, the potential to gain significant profits from a privacy-enhanced desktop-class CPU makes it a lucrative option.

A popular technology used in most browser-based cryptocurrency mining algorithms is WASM (short for WebAssembly). It is a binary executable format for the web that makes JavaScript execution within the browser very efficient.

Figure 1. CryptoNight-based cryptocurrency market capitalization, June 2018. Source: https://coinmarketcap.com

infection

Security research blog Bad Packet Reports recently published an article stating that there are over 100,000 sites currently infected with cryptojacking malware. Many of these sites appear to have been compromised using exploits for Drupalgeddon 2. This attack exploits the CVE-2018-7600 vulnerability even after the patch has already been available for several months. (Note: Always apply patches regularly!) There are reports of malware campaigns leveraging exploits for this recently announced vulnerability to compromise victims and inject coin mining scripts. When a user visits a compromised site, the system unknowingly contributes to solving a cryptographic puzzle that benefits the attacker.

To protect your users from draining your computer’s resources through unauthorized coin mining scripts running on your computer, you should block access to the following popular coin mining services:

  • Coinhive(.)com
  • load(.)jsecoin(.)com
  • crypto-loot(.)com
  • coin-have(.)com
  • ppoi(.)org
  • Cryptocurrency(.)Pro
  • chat(.)com
  • CoinLab(.)us

Qualys BrowserCheck CoinBlocker Extension for Google Chrome

Based on extensive research by Qualys Malware Research Labs, we announce Qualys BrowserCheck CoinBlocker, a new Google Chrome browser extension to protect users from browser-based coin mining attacks.

Here are some screenshots of Qualys BrowserCheck CoinBlocker in action.

Figure 2 Qualys BrowserCheck CoinBlocker

Figure 3 Qualys BrowserCheck CoinBlocker detection log

Qualys BrowserCheck CoinBlocker Extension not only relies on domain blacklists, but also uses heuristics to identify underlying crypto mining algorithms such as CryptoNight (used to mine Monero) and various artifacts.

Detecting traditional cryptocurrency mining threats

Cryptocurrency mining is also not limited to browser-based scripts, as we have seen certain attackers infect systems with persistent malware that runs outside of the browser to perform cryptocurrency mining. To detect such malware, security professionals can use the Qualys Indication of Compromise (IOC) solution to gain two-second visibility into coin mining and other malware across their organization. Qualys IOC includes behavioral-based malware suite detection for the following coin mining threats:

  • CryptoMinerA
  • Cryptominer B
  • CryptoMinerC
  • Cryptominer D
  • CryptoMinerE
  • Nexminer

Cryptocurrency mining has emerged as an online threat that is expected to grow as digital currencies and blockchain technology gain widespread acceptance. Attackers are using a variety of techniques to use unsuspecting users’ systems for malicious purposes. We recommend that you regularly scan your system for vulnerabilities using a tool such as Qualys BrowserCheck. Protect yourself online from cryptocurrency mining attacks with the Qualys BrowserCheck CoinBlocker Chrome extension.

Related

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

After BTS Star Jungkook has 39 billion hacking, South Korea will crack down on encryption fraud.

August 30, 2025

The US government checks the economic data on the chain with 60% Pyth Rocket 60% Pyth Network.

August 28, 2025

Complete re -creation practice guide -AcKee Blockchain

August 26, 2025
Add A Comment

Comments are closed.

Recent Posts

Metaplanet’s bitcoin strategy is having trouble with stock plummet in the crisis of financing.

August 31, 2025

Next chapter of ecosystem support program

August 31, 2025

Ether Lee (ETH) tests major support for $ 4,453 after the highest rejection.

August 31, 2025

BNB price forecast: Target $ 890- $ 900 in September 2025.

August 31, 2025

After BTS Star Jungkook has 39 billion hacking, South Korea will crack down on encryption fraud.

August 30, 2025

FY Energy Offers Industry-leading Cloud Computing Systems, Offering Opportunities For Daily Passive Income Of $7,580 Through Mining.

August 30, 2025

Four coins to be purchased as decisions for five branch XRP ETFs will be pushed until October.

August 30, 2025

Ethereum-Based Meme Project Pepeto ($PEPETO) Surges Past $6.5M In Presale

August 29, 2025

Use Australia’s Top Cloud Mining Tools To Become A Millionaire!

August 29, 2025

Bitcoin is under pressure with gold aiming to be the highest ever.

August 29, 2025

The US government posts GDP data on Bitcoin block chain.

August 28, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

Metaplanet’s bitcoin strategy is having trouble with stock plummet in the crisis of financing.

August 31, 2025

Next chapter of ecosystem support program

August 31, 2025

Ether Lee (ETH) tests major support for $ 4,453 after the highest rejection.

August 31, 2025
Most Popular

Tether CEO Paolo Ardoino says USDT is the most successful tool for the US dollar hegemony.

February 26, 2025

Nikkei and Gold Sway as Nvidia Crashes, Bitcoin Price Targets Include $50K

September 4, 2024

Cardano Sets for a Boost with Two Key Upgrades: Hoskinson

April 8, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.