The Rise Of Cryptojacking And How To Stop It

Status
Not open for further replies.

bit_user

Polypheme
Ambassador
Browsers should simply idle non-visible tabs & minimized windows by default, as well as throttling scripts on visible tabs. Anything which lowers the mining rate should help. If it gets dropped low enough, I doubt most of these actors would even bother.

BTW, even if an Android app is only accessible via direct link, Google should still at least provide a warning for those apps which have received numerous complaints. They'd hardly have to lift a finger to do that much.
 
I always thought this sort of thing was better fought by polluting the database (poisoning the well). To discourage [data | crypto] mining by prevention, you need to get the prevention measures installed on most of the computers out there. In contrast, a database polluting extension (returns false data) can be effective when installed on only a tiny fraction of the computers out there. If it detects mining and returns a false positive (i.e. pretends it found a bitcoin when it didn't), eventually the miner's database gets filled with so many fakes it takes as much effort to determine the fakes from the real results as mining the coins themselves. Likewise, if marketers' databases are polluted with fake results, it degrades the value of their database, possibly to the point of uselessness. Eventually it becomes not worth it to try this sort of thing on other people's computers.
 

studmoose

Prominent
Feb 27, 2017
75
0
660
Huh, I wonder if I have a cryptominer in my Firefox. It runs at neat 100% while I'm not even doing anything. Process Explorer shows it's in a Forefox.exe or other Firefox module.
 

bit_user

Polypheme
Ambassador

We're not talking about malware that's infected your computer. For that, use a traditional virus scanner.

What we're talking about is something that should run when viewing certain pages or sites. Even before this trend started, I would find certain sites just consume lots of CPU. Probably running an ad blocker would help, but I just manually closed tabs until the offender is eliminated.

Anyway, maybe this will help you narrow-down what's spiking your CPU utilization:

https://support.mozilla.org/en-US/kb/firefox-uses-too-many-cpu-resources-how-fix
 

USAFRet

Titan
Moderator


For one, this:
https://www.bleepingcomputer.com/news/security/chrome-extension-with-100-000-users-caught-pushing-cryptocurrency-miner/

No big deal right?
Yeah, it is.
Sucking up your electricity and PC resources, for their gain.

Like if your neighbor ran a garden hose from your outside tap, over to his house.
No big deal, until you get your next water bill.
 

lperreault21

Notable
Sep 8, 2017
512
0
1,160


alraight, that makes more sense.

But, The should at least ask first.
 

USAFRet

Titan
Moderator


If they "asked", in language that made it clear as to what they were doing, no one would say Yes.
So they sneak it in.
 

lperreault21

Notable
Sep 8, 2017
512
0
1,160


true
 

AnimeMania

Distinguished
Dec 8, 2014
334
18
18,815


I had this happen to me, I have a CPU Usage Tracker always easily visible, all CPU usage was at 100%. It made the webpage almost totally useless, you could barely scroll down the page. If they had limited the CPU usage to 50 or 75%, I might not have noticed or really cared that much since I wasn't going to be on the webpage that long.
 

bit_user

Polypheme
Ambassador

Laws only work if the perpetrator is in their jurisdiction. This makes it notoriously hard to legislate online content, though it would keep some of the larger and more well-known content providers from intentionally doing it.

IMO, the best fix is a technical one, at the browser level. Honestly, I don't care if it's cryptojacking or a buggy webpage - I don't want any pages using a significant amount of my CPU/GPU horsepower unless I explicitly click some kind of acknowledgement (like a "turbo" button).
 
That put light on the fact that people don't know what they are agreeing on with many term of services. This is like someone you don't know borrowing your car for doing their groceries.
 

bigdragon

Distinguished
Oct 19, 2011
1,107
547
20,160
Good article. These scripts drive me absolutely crazy because they cause my tablet fan to spin up loudly. Worse, sites employing these miners don't distinguish between donors and regular visitors meaning everyone gets hit. I'm having to clamp back down on web browsing rather than allow some stuff through. This benefits no one.
 

Zaporro

Honorable
Jan 23, 2014
249
0
10,710
Best way to stop cryptojacking? Make mining illegal everywhere. Damn cancer of XXI, created by criminals for criminal reasons under BS excuse of being "beneficial to public".
All it brought are issues like above, recent increase in ransomware attacks - because now criminalcurrencies made anonymous "currency" transfers easier for all sort of ransom purposes - before if someone demanded money they had to either show up to get it in cash or have bank account that would leave traces and gave people reason to waste electricity and hardware on pointless work, often leading to abuses (people stealing electricity, abusing public resources and hardware).
 

bit_user

Polypheme
Ambassador

I get the downsides of crypto-currencies, but you surely realize it's impossible to make something illegal everywhere. And even outlawing things doesn't get rid of them - only pushes them underground.

Once governments decided to start taxing Bitcoin, I knew crypto-currencies were here to stay. For better and for worse.

Anyway, you're ignoring the potential of blockchain technologies to actually aid law enforcement and anti-terrorism. I know there are anonymizing techniques that can cover the tracks of individual criminals, but they also have the potential to backfire on the people using them and probably don't scale well to larger enterprises.
 

lucas_james

Prominent
Feb 12, 2018
1
0
510
I suspect Vuze the torrenting program may now be employing this tactic. Only a suspicion, however, I have noticed that after the latest update my CPU usage is 100% when Vuze is running. Can anyone else confirm or deny this?
 
Status
Not open for further replies.