Reports indicate that a new hacker attack wave is being used against computer victims worldwide by distributing cryptocurrency miners via malicious scripts on websites. One of the most famous examples are some of the mirrors of the Pirate Bay torrent tracker.
Cryptocurrency Miners Infect Computers Worldwide
Security researchers signal that a new attack trend is currently being used against computer victims worldwide. The hacker collectives are using Javascript code to bundle malicious code that launch special “miner” software. They use the resources of the compromised machines to generate income for the hackers. Algorithms are used to process complex cryptocurrency transactions. When the tasks are done and reported the money is being rewarded to the wallets of the hacker operators.
Depending on the site and the chosen digital currency different miners and configuration options can be predefined by the criminals. In certain cases a complex initiation route is followed. An example execution sequence can be the following:
- Initial Site Visit ‒ When the user navigates to the hacker-controlled site the initial infection may not begin at once. Advanced forms can utilize an information harvesting process which is used to analyze the computer’s hardware and test the performance.
- Automatic Configuration ‒ Depending on the statistics of the computer the target wallet and miner is chosen.
- Miner Start ‒ The crypto currency miner is started and the computer automatically runs the resource-intensive operations as long as the visitor is on the page.
Depending on the individual case the miner software can infect the victim computers and remain on the system even after the visitors have left the site. The security researchers state that different crypto currencies can be used, the most popular options are Bitcoin and Monero.
Cryptocurrency Miners Spread Rapidly on Sites
One of the most famous cases that became famous news are several mirrors of the Pirate Bay. According to the released reports the site operators are not doing this out of malicious intent but rather as a way to finance the site instead of relying on donations. This sparked a trend among webmasters which started to implement the Javascript cryptocurrency miners on their sites as well. The trend turned out to become an effective and lucrative option which can generate considerable income if the host site is high traffic. A new report showcases that 2.2% of the top sites reported by Alexa are utilizing the miners. The statistics account for 220 total sites which aggregate a total of 500 million of individual users.
Right now special adblockers and browser extensions are being distributed on the software repositories and are available for all major web browsers. They are efficient against the most popular scripts right now ‒ CoinHive and JSEcoin.
Computer users can protect themselves from such malware by downloading and utilizing a quality anti-spyware solution. It can effectively remove active infections with a few mouse clicks.
Martin Beltov
Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
Follow Me: