Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SLOT
  • CASINO
  • SPORTSBET
  • SUBMIT
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SLOT
  • CASINO
  • SPORTSBET
  • SUBMIT
Crypto Flexs
Home»HACKING NEWS»Staying safe in the age of browser-based cryptocurrency mining
HACKING NEWS

Staying safe in the age of browser-based cryptocurrency mining

By Crypto FlexsNovember 25, 20234 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Staying safe in the age of browser-based cryptocurrency mining
Share
Facebook Twitter LinkedIn Pinterest Email

Qualys Malware Research Labs announced the release of the Qualys BrowserCheck CoinBlocker Chrome extension to detect and block browser-based cryptocurrency mining. Cryptojacking.

Cryptojacking

Cryptojacking attacks leverage the resources of the victim’s system through malicious JavaScript to mine specific cryptocurrencies. Attackers carry out these attacks by infecting popular sites with JavaScript that enables cryptojacking. Every visitor to these sites downloads JavaScript and unknowingly provides system resources to mine cryptocurrency, which adds to the attacker’s wallet. The resource-intensive mining process is performed on the victim’s system and typically consumes more than 70% of the CPU, which can slow down system performance, increase power consumption, and cause permanent damage to the system.

Cryptojacking is very profitable because it helps attackers obtain cryptocurrency without spending a single penny on mining infrastructure. The overall cryptocurrency market cap has reached over $270 billion as of July 2018 with over 1,700 active projects! Attackers who leverage these projects can make a lot of money, and cryptocurrency mining is gradually moving to center stage in the threat landscape, making it a much more attractive option compared to the recently favored ransomware campaigns.

Cryptojacking has also recently become mainstream. Because it is safer from cybercriminals and webmasters than ransomware. Ransomware requires interaction with the victim to receive payment. And because cryptojacking is browser-based, it is easier to infect victims than to hack a server. Over time, as cryptocurrency mining becomes more resource-intensive in terms of computing power and power consumption, stealing these resources becomes increasingly attractive to attackers.

Cryptojacking and Monero

Monero (XMR), a relatively new cryptocurrency, is becoming a common target for cryptojackers because its mining algorithm (CryptoNight) is designed to be easily integrated, and its privacy and anonymity features also benefit hackers. Monero’s proof-of-work mining algorithm can be used with desktop or server-grade CPUs rather than the custom, specialized ASIC or GPU hardware required by traditional coin mining algorithms. This is an important aspect of the next generation of cryptocurrencies as it attempts to decentralize them and prevent mining monopolies from being created by a small number of users with access to specialized hardware. From an attacker’s perspective, the potential to gain significant profits from a privacy-enhanced desktop-class CPU makes it a lucrative option.

A popular technology used in most browser-based cryptocurrency mining algorithms is WASM (short for WebAssembly). It is a binary executable format for the web that makes JavaScript execution within the browser very efficient.

Figure 1. CryptoNight-based cryptocurrency market capitalization, June 2018. Source: https://coinmarketcap.com

infection

Security research blog Bad Packet Reports recently published an article stating that there are over 100,000 sites currently infected with cryptojacking malware. Many of these sites appear to have been compromised using exploits for Drupalgeddon 2. This attack exploits the CVE-2018-7600 vulnerability even after the patch has already been available for several months. (Note: Always apply patches regularly!) There are reports of malware campaigns leveraging exploits for this recently announced vulnerability to compromise victims and inject coin mining scripts. When a user visits a compromised site, the system unknowingly contributes to solving a cryptographic puzzle that benefits the attacker.

To protect your users from draining your computer’s resources through unauthorized coin mining scripts running on your computer, you should block access to the following popular coin mining services:

  • Coinhive(.)com
  • load(.)jsecoin(.)com
  • crypto-loot(.)com
  • coin-have(.)com
  • ppoi(.)org
  • Cryptocurrency(.)Pro
  • chat(.)com
  • CoinLab(.)us

Qualys BrowserCheck CoinBlocker Extension for Google Chrome

Based on extensive research by Qualys Malware Research Labs, we announce Qualys BrowserCheck CoinBlocker, a new Google Chrome browser extension to protect users from browser-based coin mining attacks.

Here are some screenshots of Qualys BrowserCheck CoinBlocker in action.

Figure 2 Qualys BrowserCheck CoinBlocker

Figure 3 Qualys BrowserCheck CoinBlocker detection log

Qualys BrowserCheck CoinBlocker Extension not only relies on domain blacklists, but also uses heuristics to identify underlying crypto mining algorithms such as CryptoNight (used to mine Monero) and various artifacts.

Detecting traditional cryptocurrency mining threats

Cryptocurrency mining is also not limited to browser-based scripts, as we have seen certain attackers infect systems with persistent malware that runs outside of the browser to perform cryptocurrency mining. To detect such malware, security professionals can use the Qualys Indication of Compromise (IOC) solution to gain two-second visibility into coin mining and other malware across their organization. Qualys IOC includes behavioral-based malware suite detection for the following coin mining threats:

  • CryptoMinerA
  • Cryptominer B
  • CryptoMinerC
  • Cryptominer D
  • CryptoMinerE
  • Nexminer

Cryptocurrency mining has emerged as an online threat that is expected to grow as digital currencies and blockchain technology gain widespread acceptance. Attackers are using a variety of techniques to use unsuspecting users’ systems for malicious purposes. We recommend that you regularly scan your system for vulnerabilities using a tool such as Qualys BrowserCheck. Protect yourself online from cryptocurrency mining attacks with the Qualys BrowserCheck CoinBlocker Chrome extension.

Related

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Cryptocurrency trader, OTC fraud claims $ 1.4 million losses, guessing due to KUCOIN deposits

October 7, 2025

Cake Eyes 60% Rally Pancake WAP

October 5, 2025

Lombard Liquid Bitcoin Summary Summary

October 3, 2025
Add A Comment

Comments are closed.

Recent Posts

FLOKI Funds Clean Water Wells In Africa Through Partnership With WWFA

October 8, 2025

Jiuzi Holdings, Inc. Announces Phased Rollout Of $1 Billion Cryptocurrency Acquisition Plan; First Bitcoin Purchase To Be Completed Within Two Weeks

October 8, 2025

Rome Launches Its Genesis NFT Collection “Imperia” On Magic Eden Launchpad

October 8, 2025

BNB price is less than $1,300 on Meme Season Buzz

October 8, 2025

Cryptocurrency trader, OTC fraud claims $ 1.4 million losses, guessing due to KUCOIN deposits

October 7, 2025

Meanwhile, Bitcoin Life Insurer, Secures $82M To Meet Soaring Demand For Inflation-Proof Savings

October 7, 2025

Pepeto Presale Exceeds $6.93 Million; Staking And Exchange Demo Released

October 7, 2025

Eightco Holdings Inc. ($ORBS) Digital Asset Treasury Launches “Chairman’s Message” Video Series

October 7, 2025

Zeta Network Group Enters Strategic Partnership With SOLV Foundation To Advance Bitcoin-Centric Finance

October 7, 2025

Saylor tells MRBAST to buy Bitcoin even after pause the BTC purchase.

October 7, 2025

Bitcoin Steadies at Rally -Is another powerful brake out just in the future?

October 6, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

FLOKI Funds Clean Water Wells In Africa Through Partnership With WWFA

October 8, 2025

Jiuzi Holdings, Inc. Announces Phased Rollout Of $1 Billion Cryptocurrency Acquisition Plan; First Bitcoin Purchase To Be Completed Within Two Weeks

October 8, 2025

Rome Launches Its Genesis NFT Collection “Imperia” On Magic Eden Launchpad

October 8, 2025
Most Popular

Solana price hits 3-month high as data hints at SOL rally above $200.

October 29, 2024

Honduras breaks ground by officially recognizing Bitcoin for economic transactions

January 8, 2024

Security Warning 1 (windows+alethzero) | Ethereum Foundation Blog

May 2, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.