Websites using Malvertising to Mine Monero
Annoying web ads can really impede one's browsing experience. However, how about the prospect of your browser doing a bit of Monero mining whenever you visit a page?
We have previously heard how Russian hackers have resorted to spreading malware that embeds itself on the user's machine to mine Monero. However, this would require the user to download the Malware in some way. This is generally one of the hardest parts.
Hackers have therefore decided that it can be much easier to get a user to visit a page on a website and mine that Monero with the browser. Malvertising is a form of malware that aims to present the user with adverts. As users have become wiser to intrusive ads, these hackers have found that the mining malvertising is much more efficient.
All that is required is that the website has to embed a piece of Javascript code that will run once the user visits a particular page. Once the code is running, it will mine the Monero and the user will be none the wiser. The only thing that they may notice is that their PC is running a bit slower than usual.
Choosing the Targets
At current, the malvertising code is targeting users who use gaming and streaming sites. This is reasonable given that most of these users have advanced graphics cards or GPUs which can mine the Monero more efficiently.
For example, many users of the Peer-to-Peer downloading site, Piratebay became aware that their PCs were running a bit slower than ususal when they visited a particular page on the site. Upon closer examination they discovered the code in the footer of the page. It is an external script that is provided by coinhive. Below is the script that is run when it loads.
This has been throttled at 0.8 in order to hide the immediate effect that this would have on the speed of the PC. However, this was picked up by users on the Piratebay website and they raised it with a number of the admins. The response from the admins was that this was an alternative way for them to generate some revenue without bombarding the users with a great deal of ads.
There is also another script which is a modified version of MineCrunch. This was a script that was developed in 2014 and appears to be used more and more. It can also mine Zcash and Litecoin.
Adblock to the Rescue
Users should not worry too greatly about the impact of this if they are running some successful ad blocking plugins. Most of the effective blockers are able to identify the malicious javascript and refuse its execution. If the user does not have an ad blocking script then they can merely disable javascript on the browser. Unless the code is executed from an unusual location then it is unlikely that they will be able to circumvent these measures.
Featured Image via Fotolia
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.