Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • TRADE
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • TRADE
Crypto Flexs
Home»HACKING NEWS»Staying safe in the age of browser-based cryptocurrency mining
HACKING NEWS

Staying safe in the age of browser-based cryptocurrency mining

By Crypto FlexsNovember 25, 20234 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Staying safe in the age of browser-based cryptocurrency mining
Share
Facebook Twitter LinkedIn Pinterest Email

Qualys Malware Research Labs announced the release of the Qualys BrowserCheck CoinBlocker Chrome extension to detect and block browser-based cryptocurrency mining. Cryptojacking.

Cryptojacking

Cryptojacking attacks leverage the resources of the victim’s system through malicious JavaScript to mine specific cryptocurrencies. Attackers carry out these attacks by infecting popular sites with JavaScript that enables cryptojacking. Every visitor to these sites downloads JavaScript and unknowingly provides system resources to mine cryptocurrency, which adds to the attacker’s wallet. The resource-intensive mining process is performed on the victim’s system and typically consumes more than 70% of the CPU, which can slow down system performance, increase power consumption, and cause permanent damage to the system.

Cryptojacking is very profitable because it helps attackers obtain cryptocurrency without spending a single penny on mining infrastructure. The overall cryptocurrency market cap has reached over $270 billion as of July 2018 with over 1,700 active projects! Attackers who leverage these projects can make a lot of money, and cryptocurrency mining is gradually moving to center stage in the threat landscape, making it a much more attractive option compared to the recently favored ransomware campaigns.

Cryptojacking has also recently become mainstream. Because it is safer from cybercriminals and webmasters than ransomware. Ransomware requires interaction with the victim to receive payment. And because cryptojacking is browser-based, it is easier to infect victims than to hack a server. Over time, as cryptocurrency mining becomes more resource-intensive in terms of computing power and power consumption, stealing these resources becomes increasingly attractive to attackers.

Cryptojacking and Monero

Monero (XMR), a relatively new cryptocurrency, is becoming a common target for cryptojackers because its mining algorithm (CryptoNight) is designed to be easily integrated, and its privacy and anonymity features also benefit hackers. Monero’s proof-of-work mining algorithm can be used with desktop or server-grade CPUs rather than the custom, specialized ASIC or GPU hardware required by traditional coin mining algorithms. This is an important aspect of the next generation of cryptocurrencies as it attempts to decentralize them and prevent mining monopolies from being created by a small number of users with access to specialized hardware. From an attacker’s perspective, the potential to gain significant profits from a privacy-enhanced desktop-class CPU makes it a lucrative option.

A popular technology used in most browser-based cryptocurrency mining algorithms is WASM (short for WebAssembly). It is a binary executable format for the web that makes JavaScript execution within the browser very efficient.

Figure 1. CryptoNight-based cryptocurrency market capitalization, June 2018. Source: https://coinmarketcap.com

infection

Security research blog Bad Packet Reports recently published an article stating that there are over 100,000 sites currently infected with cryptojacking malware. Many of these sites appear to have been compromised using exploits for Drupalgeddon 2. This attack exploits the CVE-2018-7600 vulnerability even after the patch has already been available for several months. (Note: Always apply patches regularly!) There are reports of malware campaigns leveraging exploits for this recently announced vulnerability to compromise victims and inject coin mining scripts. When a user visits a compromised site, the system unknowingly contributes to solving a cryptographic puzzle that benefits the attacker.

To protect your users from draining your computer’s resources through unauthorized coin mining scripts running on your computer, you should block access to the following popular coin mining services:

  • Coinhive(.)com
  • load(.)jsecoin(.)com
  • crypto-loot(.)com
  • coin-have(.)com
  • ppoi(.)org
  • Cryptocurrency(.)Pro
  • chat(.)com
  • CoinLab(.)us

Qualys BrowserCheck CoinBlocker Extension for Google Chrome

Based on extensive research by Qualys Malware Research Labs, we announce Qualys BrowserCheck CoinBlocker, a new Google Chrome browser extension to protect users from browser-based coin mining attacks.

Here are some screenshots of Qualys BrowserCheck CoinBlocker in action.

Figure 2 Qualys BrowserCheck CoinBlocker

Figure 3 Qualys BrowserCheck CoinBlocker detection log

Qualys BrowserCheck CoinBlocker Extension not only relies on domain blacklists, but also uses heuristics to identify underlying crypto mining algorithms such as CryptoNight (used to mine Monero) and various artifacts.

Detecting traditional cryptocurrency mining threats

Cryptocurrency mining is also not limited to browser-based scripts, as we have seen certain attackers infect systems with persistent malware that runs outside of the browser to perform cryptocurrency mining. To detect such malware, security professionals can use the Qualys Indication of Compromise (IOC) solution to gain two-second visibility into coin mining and other malware across their organization. Qualys IOC includes behavioral-based malware suite detection for the following coin mining threats:

  • CryptoMinerA
  • Cryptominer B
  • CryptoMinerC
  • Cryptominer D
  • CryptoMinerE
  • Nexminer

Cryptocurrency mining has emerged as an online threat that is expected to grow as digital currencies and blockchain technology gain widespread acceptance. Attackers are using a variety of techniques to use unsuspecting users’ systems for malicious purposes. We recommend that you regularly scan your system for vulnerabilities using a tool such as Qualys BrowserCheck. Protect yourself online from cryptocurrency mining attacks with the Qualys BrowserCheck CoinBlocker Chrome extension.

Related

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Encryption Inheritance Update: June 2025

June 25, 2025

HyperLend Protocol Thanksgiving Summary -Ackee Blockchain

June 21, 2025

Encryption inheritance: Roundup -February 20125

June 19, 2025
Add A Comment

Comments are closed.

Recent Posts

Earns $9,800 Per Day With BTC Breaks Through $107,000, GoldenMining Global Market.

June 27, 2025

Why Bakkt Holdings can buy Bitcoin with a $ 1 billion increase

June 27, 2025

NVIDIA RTX strengthens FITY’s AI -centered innovation in Cooler Design.

June 27, 2025

Join Earn Mining To Mine Easily And Earn $7752 A Day

June 26, 2025

Bitcoin prices return to green -building exercise for more profits

June 26, 2025

Weed® Announces Partnership With Khalifa Kush; Launches Global Commercialization

June 26, 2025

GBM Launches Auction Festival With The Sandbox, Aavegotchi, Unstoppable Domains, And More

June 26, 2025

French “Spiderman” Scales Skyscraper To Launch World’s First Action Token

June 26, 2025

Deribit And SignalPlus Launch “The Summer Chase” Trading Competition 2025 Featuring A $300,000+ USDC Prize Pool

June 26, 2025

Why I am still optimistic despite noise

June 26, 2025

SEI tokens have soared more than 100% in June -the highest catalyst explained.

June 26, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

Earns $9,800 Per Day With BTC Breaks Through $107,000, GoldenMining Global Market.

June 27, 2025

Why Bakkt Holdings can buy Bitcoin with a $ 1 billion increase

June 27, 2025

NVIDIA RTX strengthens FITY’s AI -centered innovation in Cooler Design.

June 27, 2025
Most Popular

Binance Futures Launches Simulated Copy Trading Competition with 30,000 USDT Rewards

July 20, 2024

Ethereum Outperforms Bitcoin After ETF Launch As ETH/BTC Ratio Soars.

January 19, 2024

Despite the Solana staking incident, SOL is not affected. Why?

August 30, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.