Reports indicate that a new hacker attack wave is being used against computer victims worldwide by distributing cryptocurrency miners via malicious scripts on websites. One of the most famous examples are some of the mirrors of the Pirate Bay torrent tracker.
Cryptocurrency Miners Infect Computers Worldwide
Depending on the site and the chosen digital currency different miners and configuration options can be predefined by the criminals. In certain cases a complex initiation route is followed. An example execution sequence can be the following:
- Initial Site Visit ‒ When the user navigates to the hacker-controlled site the initial infection may not begin at once. Advanced forms can utilize an information harvesting process which is used to analyze the computer’s hardware and test the performance.
- Automatic Configuration ‒ Depending on the statistics of the computer the target wallet and miner is chosen.
- Miner Start ‒ The crypto currency miner is started and the computer automatically runs the resource-intensive operations as long as the visitor is on the page.
Depending on the individual case the miner software can infect the victim computers and remain on the system even after the visitors have left the site. The security researchers state that different crypto currencies can be used, the most popular options are Bitcoin and Monero.
Cryptocurrency Miners Spread Rapidly on Sites
Right now special adblockers and browser extensions are being distributed on the software repositories and are available for all major web browsers. They are efficient against the most popular scripts right now ‒ CoinHive and JSEcoin.
Computer users can protect themselves from such malware by downloading and utilizing a quality anti-spyware solution. It can effectively remove active infections with a few mouse clicks.