Cryptocurrency mining came to a new level

Delaware, USA – October 04, 2017 – The second half of September was marked by a significant increase in the number of incidents with JavaScript cryptocurrency miners. The idea of ​​cryptocurrency mining instead of displaying advertising banners was realized in 2013, but until recently it was not very popular. On September 14, the Coinhive platform was officially launched, providing JavaScript cryptocurrency miners for websites. Within two days, the well-known site The Pirate Bay put an “experiment” on its users, using this cryptocurrency miner. Attackers are also interested in this method of making money: on the Internet, there are many reports of hacked websites, in which attackers injected Coinhive or JSE Coin scripts. Also, such cryptocurrency miners began to spread along with malvertising, even through popular ad networks, as they do not pay enough attention to this threat and display banners with malicious scripts.

Using computers for cryptocurrency mining in this way significantly loads CPU and reduces system performance. You can protect against this threat by installing browser extensions that support blocking of such malicious scripts, for example, AdBlock Plus or AdGuard. SIEM administrators can leverage use case Web Mining Detector for ArcSight, which allows them to discover connections to the miners’ platforms and determine the reasons for performance issues on users’ computers.