Wednesday, November 6, 2024
HomeCryptocurrency hackOver 500 Million Users PC's are Secretly Mining CryptoCurrency in Browser without...

Over 500 Million Users PC’s are Secretly Mining CryptoCurrency in Browser without Users Knowledge

Published on

Malware protection

Over 500 million computer are mining cryptoCurrency in their browsers without users knowledge by 100 of the website by injecting mining scripts in their browsers by secretly hijacks visitors CPU’s.

Crypto mining is not something like malware or any other malicious payload but its used by many top ranking websites for injecting a mining JavaScript into visitors browsers by hijacking the CPU process and Slow Down the computer using up processing power.

This impact has estimated as very huge which is around 500 Million users around the World because of 220 websites of 100k top ranking websites are using crypto-Mining scripts to inject the visitor’s browsers.

- Advertisement - SIEM as a Service

Also Read : Over 1.65 Million Users Infected By Malware Miners In 2017

These top order websites are Mining cryptocurrency for generating revenue through ads by injecting aa mining scripts into visitors browsers by abusing these website reputation especially they launch mining when a user opens their main page, with an aggregated audience of 500 million peoples.

Affected Countries – Mining CryptoCurrency

Affected Users Countries Estimated around the globe including USA, China, South American and European countries, Russia, India, Iran.

This CryptoMining website estimated joint profit at over US $43,000, and this money has been made in three weeks at almost zero cost.

According to AdGuard, Examining the website list more closely, we discovered that many of them are from the “gray zone”, mostly pirate TV and video sites, Torrent trackers and porn websites. Judging from these characteristics, we begin to wonder if browser mining is a bad thing and if it should be banned from the Internet.

In this case, Many of Top Oder website’s are using Most Popular CryptoCurrency and JSEcoin.

Fewdays Before security researcher Troy Mursch Discovered that Politifact.com using CoinHive and caused his computer’s CPU to run at its maximum capacity.

In fact, the largest torrent search engine, The Pirate Bay, that made CoinHive famous by being caught using it.

The company’s video streaming platforms are the exact type of websites that are good for mining: They boast a huge audience that keeps their site open in their browsers for a long time.

The ethical way for a website to earn money by mining through its audience’s computers is to ask the audience for permission first, and to allow them the possibility to opt out. Actually, such a practice could make mining even more ethical than ads. After all, nobody asks us if we would like to see ads on a website. adguard Said.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Azure API Management Vulnerabilities Let Attackers Escalate Privileges

Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could...

Google Patches High-Severity Vulnerabilities in Chrome

Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities....

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages...

APT36 Hackers Attacking Windows Deevices With ElizaRAT

APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical Atlassian Vulnerability Exploited To Connect Servers In Mining Networks

Hackers usually shift their attention towards Atlassian due to flaws in its software, especially...

Log4j Vulnerability Exploited Again To Deploy Crypto-Mining Malware

Recent attacks exploit the Log4j vulnerability (Log4Shell) by sending obfuscated LDAP requests to trigger...

Hackers Abused StackExchange Platform To Deliuver Malicious Python Package

Attackers uploaded malicious Python packages targeting Raydium and Solana users to PyPI, leveraging a...