About 50,000 websites might host cryptocurrency mining malware. It was reported by Troy Mursch after his investigation.
Cryptocurrency attracts malicious malware
Cryptocurrency through websites and embedded scripts is a good way to make the most of CPU´s capacity. On the contrary, computers have been extensively damaged during the process of cryptocurrency. Unfortunately, not all the websites offer-opt out alternatives for mining. This makes that these types of scripts are considered as abusive.
As a consequence, these activities have started to attract malicious miners and hackers. They can easily embed Java Scripts to take advantage of cross-site scripting without being noticed. Attacks have increased to the point that 4,000 websites from UK, US, and Australia governments were already infected using these tools. In the private sector, a website operated by the L.A. Times was also infected through Coinhive.
As reported by Mursch, there are several options available to embed mining scripts. Among them, Coinhive provides mining scripts to 81,6% of a total of 48,953 sites. Coinhive mining methods found in WordPress sites include obfuscated references to its scripts. This fact ignited the alarms as it suggests that the scripts were added without websites owners´ approval. Hackers probably took advantage of their weakness or added hidden plug-ins.
Besides Coinhive, other options are sharing the cake of browser-based mining. However, they still have a small portion. Some of them include Minr which always includes obfuscation codes. It makes it very hard to be detected. In addition, scripts accessed through their links are always vary.
Ways to get protected
Despite cryptojacking activities increase, methods to counteract such attacks also develop. The major challenge here is to cope with clandestinity. Some recommendations include installing miner block extensions for Firefox and Chrome. Opera browser automatically blocks cryptojacking. Among antiviruses, MalwareBytes is very effective, as it was capable to block Coinhive.
Until recently, Monero was the only cryptocurrency that could be mined through the web. This is what made it vulnerable to malware attacks. But now there is evidence that Android devices, apps like Telegram and even Microsoft Word documents are getting targeted. As technology evolves, hackers also evolve with it.