Websites using Malvertising to Mine Monero
Annoying web ads can really impede one's browsing experience. However, how about the prospect of your browser doing a bit of Monero mining whenever you visit a page?
We have previously heard how Russian hackers have resorted to spreading malware that embeds itself on the user's machine to mine Monero. However, this would require the user to download the Malware in some way. This is generally one of the hardest parts.
Hackers have therefore decided that it can be much easier to get a user to visit a page on a website and mine that Monero with the browser. Malvertising is a form of malware that aims to present the user with adverts. As users have become wiser to intrusive ads, these hackers have found that the mining malvertising is much more efficient.
Choosing the Targets
At current, the malvertising code is targeting users who use gaming and streaming sites. This is reasonable given that most of these users have advanced graphics cards or GPUs which can mine the Monero more efficiently.
For example, many users of the Peer-to-Peer downloading site, Piratebay became aware that their PCs were running a bit slower than ususal when they visited a particular page on the site. Upon closer examination they discovered the code in the footer of the page. It is an external script that is provided by coinhive. Below is the script that is run when it loads.
This has been throttled at 0.8 in order to hide the immediate effect that this would have on the speed of the PC. However, this was picked up by users on the Piratebay website and they raised it with a number of the admins. The response from the admins was that this was an alternative way for them to generate some revenue without bombarding the users with a great deal of ads.
There is also another script which is a modified version of MineCrunch. This was a script that was developed in 2014 and appears to be used more and more. It can also mine Zcash and Litecoin.
Adblock to the Rescue
Featured Image via Fotolia
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.