New Internet Attack! Secret Mining Script using your browser for their income

Sep 26, 2017360TS

Recently 360 Internet Security Center has discovered a new Internet attack hidden in websites through javascript to mine cryptocurrency for cybercriminals.
New Internet Attack

This mining script (JS/CoinMiner) has been found in and distributed to different and numerous websites globally. According to researchers in 360 Security Center, such script was firstly found on September 15th and has been distributed extensively. Within a week, the script has been seen by hundreds of thousands of visitors, and it’s still escalating.

growing number

According to research, this current JS/CoinMiner attack is targeting users mostly in Russia with 65.29%, in the Ukraine with 21.95%, and 6.49% in Belarus. To protect 360’s users, the Internet Security Center has analyzed the mining script, disclosed the secret, and released a feasible solution.

Where and how is JS/CoinMiner hiding?

Most of the time, the mining code are hidden in websites with banner ads, streaming video, and/or online games. This is because users tend to stay on such sites longer, providing a perfect cover for mining scripts that are adding burden to the host servers.

By checking the Internet source code, we can find the hidden code (Coinhive JavaScript Miner), which is based on a technique called CryptoNight Mining which is used to mine CryptoNote Cryptocurrency such as Monero, Dashcoin, DarkNetCoin, etc.

Source code

When you have JavaScript enabled by default on your browser, and then visit a website containing the JS/CoinMiner with JavaScript, then the mining session has begun. As a victim, you might not notice anything as your computer is not actually infected. Rather, your computer will slow down as the cybercriminals would be sending cryptocurrency to their accounts. Furthermore, these malicious crooks aggressively steal your CPU power which can sometimes ruin your PC.

How to protect yourself from new Internet attack as this?

So as you see, cybercriminals no longer have to infect or hack your computer. Rather, through this type of online mining attack they can make easy money faster than before. As such, we expect to see this tactic used by more and more cybercriminals.

To protect yourself you could simply turn JavaScript off in your browser, yet that will likely diminish your online enjoyment. On the other hand, you can download and use the Opera browser, which blocks online ads for you. Furthermore, with the latest version of 360 Total Security, you’re secured with real-time protection which blocks attacks from online mining scripts.