Cryptocurrency Mining Malware Reached Almost 50,000 Websites but you can Secure your PC

New Malware Targets Apple Computers

About 50,000 websites might host cryptocurrency mining malware. It was reported by Troy Mursch after his investigation.

As digital currencies value up more and more every day, cryptocurrency mining has become a very profitable business too. Ethereum, Bitcoin, and Monero seem to take the lead. Among them, Monero allows the easiest way to be mined because it can be executed on CPU´s. It has attracted website owners who try to monetize their websites. They have opted for embedding JavaScript-based mining scripts to maximize their profits. In some cases, these methods complement traditional revenues from Internet ads. They may even replace all those ads.

Cryptocurrency attracts malicious malware

Cryptocurrency through websites and embedded scripts is a good way to make the most of CPU´s capacity. On the contrary, computers have been extensively damaged during the process of cryptocurrency. Unfortunately, not all the websites offer-opt out alternatives for mining. This makes that these types of scripts are considered as abusive.

As a consequence, these activities have started to attract malicious miners and hackers. They can easily embed Java Scripts to take advantage of cross-site scripting without being noticed. Attacks have increased to the point that 4,000 websites from UK, US, and Australia governments were already infected using these tools. In the private sector, a website operated by the L.A. Times was also infected through Coinhive.

Main participants

As reported by Mursch, there are several options available to embed mining scripts. Among them, Coinhive provides mining scripts to 81,6% of a total of 48,953 sites. Coinhive mining methods found in WordPress sites include obfuscated references to its scripts. This fact ignited the alarms as it suggests that the scripts were added without websites owners´ approval. Hackers probably took advantage of their weakness or added hidden plug-ins.

Besides Coinhive, other options are sharing the cake of browser-based mining. However, they still have a small portion. Some of them include Minr which always includes obfuscation codes. It makes it very hard to be detected. In addition, scripts accessed through their links are always vary.

Ways to get protected

Despite cryptojacking activities increase, methods to counteract such attacks also develop. The major challenge here is to cope with clandestinity. Some recommendations include installing miner block extensions for Firefox and Chrome. Opera browser automatically blocks cryptojacking. Among antiviruses, MalwareBytes is very effective, as it was capable to block Coinhive.

Until recently, Monero was the only cryptocurrency that could be mined through the web. This is what made it vulnerable to malware attacks. But now there is evidence that Android devices, apps like Telegram and even Microsoft Word documents are getting targeted. As technology evolves, hackers also evolve with it.