Improved Methods for Avoiding In-browser Miner Detection

Windows Articles

Diskpart is a very useful tool for managing storage in Windows 10.

Hello! Diskpart is an internal tool included in Windows systems that allows you to manage storage units. Indeed, it is possible to manage internal...

How To Install MySQL 8.0 On Ubuntu 20.04

Today we are going to learn that how to Install MySQL 8.0 on Ubuntu 20.04. MySQL is one of the most popular and commonly...

How to Update to MIUI 12 via Fastboot

Greetings friends. The new version of the Android-based operating system MIUI 12 released this year, is still being deployed with some devices missing. On...

How to use modprobe command?

The modprobe command is a Linux administration system created for management, visualization, inclusion and exclusion. From loadable modules to kernel. Also, the Module is...

Install Virtualmin on CentOS 8

Hello, friends. In this post, you will learn how to install Virtualmin on CentOS 8. In addition to that, we will leave it ready...
Mel Khamlichi
Mel Khamlichihttp://www.osradar.com
Founder of Osradar, from Amsterdam Netherlands

Hackers are never the stupid ones for sure. Whenever they create a malware, it amazes us quite well. When the world learns to counter it, they improve or rewrite another malware to breach the system. That’s what happening to cryptojacking. It’s a process that uses others’ hardware resource to mine cryptocurrency and earn money without paying the electricity bill. In-browser mining tools are already in action, but hackers have found better techniques to hide the mining process from the system watchdogs.

Cryptojacking has turned into the hottest malware trend of the recent days. Hackers don’t need to break into your bank account. Instead, they can simply use your PC to make money. You pay for the energy consumption and hackers get their money free of charge. After emerging, lots of security software (antivirus, ad blockers, browser extensions etc.) are now able to detect and block cryptojacking scripts. The miner was previously loaded as JavaScript codes associated with cryptojacking servers.

Hackers now have found ways to work around the blocking and mine freely. Using proxy servers, crooks are now able to inject the mining code into your browser.

Proxy servers helping to evade detection

The most widespread and popular method of such workaround is deploying a “cryptojacking proxy server”. There’s an example available on GitHub, named CoinHive Stratum Mining Proxy.

These proxies allow the hackers to host the mining codes on their server (instead of CoinHive, DeepMiner, CryptoLoot servers) and load them as an anonymous JavaScript code. As you guessed, these servers are blocked by security programs by default.

Secondly, the proxies let the hackers to utilize a custom mining pool, featuring to detach the mining process from the parent cryptojacking service. For example, this ability ensures no fee payment to CoinHive.

Due to all these facilities, hackers are currently tending to use them as a defensive layer for their miners. Two security vendor company – Malwarebytes and Sucuri – have been tracking such attacks in the recent months.

The only way to identify the illegal mining is to check your system’s performance. If the CPU or GPU usage is pretty high, that means that a cryptojacking process is running. You can use Task Manager (on Windows) or System Monitor (on Linux) or any similar programs to check out the CPU usage regularly for any suspicious activity.

Hackers currently succeeded in earning $75,000 from a new campaign discovered recently. Learn more about how hackers earned the money using a 5-years-old exploit.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Diskpart is a very useful tool for managing storage in Windows 10.

Hello! Diskpart is an internal tool included in Windows systems that allows you to manage storage units. Indeed, it is possible to manage internal...

How To Install MySQL 8.0 On Ubuntu 20.04

Today we are going to learn that how to Install MySQL 8.0 on Ubuntu 20.04. MySQL is one of the most popular and commonly...

How to Update to MIUI 12 via Fastboot

Greetings friends. The new version of the Android-based operating system MIUI 12 released this year, is still being deployed with some devices missing. On...

How to use modprobe command?

The modprobe command is a Linux administration system created for management, visualization, inclusion and exclusion. From loadable modules to kernel. Also, the Module is...

Install Virtualmin on CentOS 8

Hello, friends. In this post, you will learn how to install Virtualmin on CentOS 8. In addition to that, we will leave it ready...
x