A new type of cyber attacks! A hidden mining script can mine through the user’s browsers.

The modern computer and Internet user operates in a world of hefty risks. Your personal details, identity information, and financial information can all be compromised if a cyber criminal hacks into your computer. Also, a data breach in the databases of your employer, business partner, or an Internet based service you use can also cause similar losses. Of course, there are anti-virus, VPNs, and other security and privacy tools that anyone can use to secure this information. However, the trouble is that the nature of cyber attacks is constantly changing.

Hidden Mining Scripts Stealing Your Computer’s Resources

Among the most recent of these cyber attacks is something called crypto-hacking. This refers to the hijacking of your computer’s processing power by cyber criminals to mine cryptocurrencies, and confirm transactions to keep the cryptocurrency network working. You , sadly, don’t benefit from this, and just lose your computer’s processing power. These mining scripts can be put to work even via your web browser. An IBM Managed Security Service report recently suggested that incidents of malware containing these crypto-mining scripts have increased 6 times in 2017.

The Origin of Secret Mining Scripts

Because of the positive sentiment about the future of cryptocurrencies, it’s natural that web entrepreneurs and website based businesses are interested in it. However, mining cryptocurrencies demands a lot of processing power and computing resources. To meet this challenge, some websites have started engaging in the shady and unethical practice of running mining scripts when a user reaches the website using a web browser on desktop or mobile. There is no intimation or the user about such a script running in the background.

The First Defaulters

The news about this kind of cyber crime broke out when The Pirate Bay, one of the leading torrent websites, was spotted testing Monero cryptocurrency mining script in its website.

It even confessed that it might continue using the script to support the website. The Pirate Bay appealed that it wanted to get rid of advertisements on its website, and hence had reasons to ‘experiment’ with concealed mining scripts via users’ web browsers to explore an alternative monetization model. This was followed with similar news stories. For instance, Showtime.com and Showmeanytime.com (both properties of CBS’s Showtime network) were spotted using similar mining scripts without their users’ permission. The CoinHive script in question soon disappeared from CBS websites when media started questioning the ethics of such practices.

More Facts and Figures to Help You Understand the Extent and Impact of Crypto-Hacking

AdGuard, a leading cyber security product and service vendor, has conducted a research into the top 100,000 websites (as listed on Alexa), and checked for CoinHive and JSECoin mining scripts on these. Some of the key findings of the research are presented here.

• 220 of the top 100,000 websites were found to be using crypto-mining scripts.
• The monthly traffic for these websites is 500 million, and that’s the potential number of users already affected by this shady practice of secret mining via web browser.
• These websites have users from USA, China, India, Russia, South America, Europe, and Iran – which means the impact is truly global.
• CryptoLoot and MineMyTraffic are 2 clones of CoinHive that have emerged in the very recent past, and it’s likely that more such scripts will emerge.
• In just 3 weeks, close to $43,000 worth of estimated earnings were made using crypto-mining/crypto-jacking.
• More than 50% of the websites that use browser based secret mining belong to 4 categories – TV and video content streaming, torrent file sharing, adult content, news and media.

Is Browser Based Mining Absolutely Bad?

Well, that really isn’t a question that can be answered in one word. To understand the context of this debate, here are some potential benefits of mining scripts on websites.

• Because cryptocurrencies are growing, and more cryptocurrencies are emerging, mining is expected to become a highly valuable activity.
• The potential benefits of mining might not be huge (as yet), but it’s viewed as an alternative to advertisements as a revenue channel for websites.
• Because web ads have a nuisance-value, it’s considered desirable that website owners consider other channels (such as mining) to generate some income.

At the moment, however, it’s pretty safe to say that no website has the right to secretly start running mining scripts via a user’s web browser, to draw from the user’s computer’s processing power for its own benefit. In the very least, websites need to make a clear declaration of their intentions of running such a script, seeking the user’s permission to do so. Until this happens, such practices have to be treated as equivalents of cyber crimes. After all, no Internet user should be tricked into unwittingly committing his/her computer’s processing power for someone else’s gain.

Does Crypto Mining Aim At Mining Bitcoins?

Not quite. That’s because Bitcoins mining needs massive computing power, and even by hacking into thousands of end user computers and running mining scripts on them, such computing power can’t be achieved. In fact, for Bitcoin mining, miners need to set up facilities of the kinds of data centers, with thousands of machines operating solely for the purpose of Bitcoin mining. Crypto-hacking attempts are more focused on new and upcoming cryptocurrencies such as Monero, a privacy centric digital coin that has a current market cap of about $1.3 billion.

How to Protect Yourself from Browser Based Hidden Mining Scripts?

Here are some ways and means you can adopt to detect and kill such secret mining scripts.

Check CPU Usage

In case you feel your Internet connectivity is slow, or your computer’s processing has gone down, it’s time you check CPU usage. In MAC systems, you can use Activity Monitor to do so, for Windows systems, you can use Task Manager. Now, it’s fairly difficult to clearly observe any anomaly in the CPU resource usage patterns, because many regularly used computer applications take up varying amount of resources under different conditions. If you experience slow processing speeds, close all applications, and still don’t see an improvement, it’s likely that a secret script is running in the background. Also, sudden elevations in your CPU usage will indicate the same.

Use Ad Blockers

Researchers at security solutions provider ESET have revealed that websites could have infected advertisements displayed on them, which could eventually unleash mining scripts once you click on them. These, actually, are easier to combat. Firstly, because of the negative publicity that web advertisements generate in the context of increasing cyber crime reports means that users are anyways very careful with which websites’ advertisements they trust. Secondly, such scripts can be killed just by closing the tab where that website has been opened. Thirdly, users can block JavaScript from running on websites just by using default web browser content control settings.

Ad Blocking software can also other known types of in-browser mining scripts such as the CoinHive script that CMS websites were lambasted for using without users’ permission. Note that even the makers of the CoinHive script have gone on record asking people to not use the script on anybody else’s machines without asking for their permission. AdGuard is on software package that alerts Internet users of the presence of hidden mining scripts on a website and lets them allow or deny the script from running.

Advanced Crypto-Mining Threats

Researchers at IBM have also uncovered more advanced hidden mining script based malware and mining software that can start consuming computing resources of unsuspecting users. These are perpetrated via infected image files, or when users click on links that trigger these scripts to run in background. Because these attacks are specifically targeted at enterprises, it’s crucial that you remain alert and prepared if you are an SMB or a large company. To detect these mining scripts, the best option is to rely on the CPU usage check we mentioned earlier. By identifying the process that’s eating resources and eliminating it, you can prevent the ‘theft’ of your computers’ processing power for someone else’s gain.

Note – If you already have an anti virus in place, check whether it offers you protection or alerts against self-starting and concealed scripts in websites. If you get pop up alerts for the presence of hidden scripts, make sure you investigate further before allowing the website to run it. Specifically, you can search for mining blocker extensions for your anti-virus programs. Considering the extent and expanse of hidden in-browser mining scripts, it’s very likely that all major anti-virus software providers will soon start offering dedicated anti-mining extensions.

Final Thoughts

The state of cyber security is deteriorating with every day. That’s because cyber security personnel can only react to the kind of malicious designs that cyber criminals start implementing. Thankfully, hidden browser based mining scripts have been identified before they started making any gigantic negative impacts. Take this opportunity to understand the risks, and take the necessary actions to prevent the theft of your computers’ resources for crypto-currency mining against your permissions.