Cryptojacking ili zlonamjerno kriptominiranje^{(malicious cryptomining)} novi je trik koji se koristi za rudarenje kriptovaluta^{(Cryptocurrencies)} na korisničkom računalu koristeći njihove CPU resurse u pozadini bez njihova znanja. Obično cyber kriminalac učitava skriptu u žrtvin web preglednik koji sadrži jedinstveni ključ web-mjesta kako bi prisilio korisnika da ih obogati.

Ako se borite sa sporim računalom ili internetskom vezom, nemojte još samo kriviti dobavljača ili davatelja usluga jer ste možda žrtva novog trika kojeg hakeri koriste pod nazivom Cryptojacking preglednika .

Evolucija Cryptojackinga^{(Cryptojacking)} pripisuje se velikom interesu za kriptovalute^{(Cryptocurrencies)} u posljednjih nekoliko mjeseci. Pogledajte Bitcoin u posljednjih nekoliko mjeseci, a vrijednost mu je porasla za više od 1000%. To je također privuklo pažnju hakera i tako je rodilo opasne prakse kao što je Crytptojacking^{(Crytptojacking)} .

Što je Cryptojacking

Nastanak^(Emergence)

Prije nego shvatimo što je Cryptojacking , prvo nas obavijestite o Cryptominingu^{(Cryptomining)} .

Cryptomining ili rudarenje kriptovaluta^{(Cryptocurrency Mining)} je proces kojim kriptovaluta nastaje, koristeći blockchain tehnologiju. Cryptomining također omogućuje puštanje novih kovanica kriptovaluta na tržište. Rudarenje^(Mining) provode određeni kolege iz mreže kriptovaluta koji se natječu (pojedinačno ili u grupama) u rješavanju teškog matematičkog problema zvanog proof-of-work

U rujnu 2017. Coinhive je debitirao na tržištu, nudeći rudarenje kriptovalute pod nazivom Monero ( XMR ). Coinhive u osnovi nudi dio koda napisan u JavaScript -u koji vlasnici web stranica mogu jednostavno ugraditi na svoje web mjesto. Coinhive je predstavio novi poslovni model za web stranicu tvrdeći da vlasnici web stranica mogu ukloniti oglase sa svojih web stranica i umjesto toga učitati Coinhive .

Kada korisnici pristupe web stranici s ugrađenim Coinhive-om, Coinhive pokreće^(Coinhive) proces rudarenja kriptovaluta u ime vlasnika web-mjesta koristeći resurse korisničkog sustava (zbog toga računala često postaju spora). Posjetitelji web stranice predstavljaju skupinu čvorova koji obavljaju intenzivan računski rad za rješavanje matematičkog problema. Međutim, umjesto da oni dobiju nagradu prilikom rješavanja izazova, prima je vlasnik web stranice. Dakle^(Hence) , vlasnici web stranica navodno još uvijek mogu ostvarivati ​​profit i podržavati svoje poslovanje, a da pritom ne gnjave svoje posjetitelje reklamama.

Iako je Coinhive trebao biti legitiman, njegov koncept doveo je do pojave sličnog softvera, koji sada koriste cyber kriminalci za zloupotrebu^{(Cryptomining abuse )} Cryptomininga ili Cryptojacking.

Ukratko, Cryptojacking je tehnika otmice preglednika za rudarenje kriptovalute, bez pristanka korisnika. Isporuka rudara kriptovalute putem zlonamjernog softvera poznata je činjenica, ali rudarenje kriptovalute prilikom pristupa web stranici je novo i dovelo je do toga da napadači zloupotrebljavaju za osobnu korist.^{(In short, Cryptojacking is the technique of hijacking browsers for mining cryptocurrency, without user consent. Delivering cryptocurrency miners through malware is a known fact, but mining cryptocurrency when accessing a webpage is new and has led to the attackers abusing for personal gains.)}

Cryptojacking nije tradicionalni zlonamjerni softver

Cryptojacking ne šteti vašem računalu kao tradicionalni zlonamjerni softver ili ransomware . Niti pohranjuje niti zaključava ništa na tvrdom disku. Dakle^(Hence) , on sam po sebi nije zlonamjerni softver kao takav, ali se sigurno može uvesti u vaš sustav pomoću zlonamjernog softvera.

Cryptojacking , slično zlonamjernom softveru, koristi resurse vašeg računala bez vašeg dopuštenja. To može uzrokovati da PC i preglednici rade iznimno usporeno, da isprazne bateriju i povećaju račune za struju, a da vi to niste ni svjesni.

Posljedice Cryptojackinga

Cryptojacking može utjecati na Windows OS , kao i na Mac OSX i Android . Nedavno su prijavljeni brojni slučajevi Cryptojackinga^{(Cryptojacking)} . Neke od uobičajenih vrsta uključuju sljedeće:

Web-mjesta koja namjerno koriste Coinhive^{(Websites using Coinhive deliberately)}

Pirates Bay bio je jedan od prvih velikih igrača koji je kriv za namjerno korištenje Coinhivea^(Coinhive) . Problem je bio što se to radilo transparentno, bez pristanka posjetitelja. Nakon što je skripta za rudarenje kriptovaluta otkrivena, Pirate Bay je objavio priopćenje u kojem se spominje da testira ovo rješenje kao alternativni izvor prihoda. Istraživači se boje da postoji mnogo takvih web stranica koje već koriste Coinhive bez pristanka posjetitelja.

Coinhive je ubačen u ugrožene web stranice^{(Coinhive injected into compromised websites)}

Istraživači su identificirali kompromitirane WordPress i Magento web stranice koje su u njih ubacile Coinhive^(Coinhive) ili sličan JavaScript baziran rudar.

Pročitajte^(Read) : Što učiniti ako skripta za kripto rudarenje Coinhive zarazi vašu web stranicu.

Cryptojacking korištenjem proširenja preglednika^{(Cryptojacking using browser extensions)}

Kriptojacking u pregledniku^(In-browser) koristi JavaScript na web stranici za rudarenje kriptovaluta. JavaScript radi na gotovo svakoj web stranici koju posjetite, tako da JavaScript kod odgovoran za rudarenje u pregledniku ne mora biti instaliran. Čim učitate stranicu, kod za rudarenje u pregledniku se samo pokreće.

Postoje slučajevi proširenja web-preglednika koji ugrađuju Coinhive gdje softver za kriptominiranje radi u pozadini i rudari “Monero” dok je preglednik bio pokrenut – i to ne samo kada posjećujete određenu web stranicu.

Cryptojacking sa zlonamjernim softverom^{(Cryptojacking with malware)}

Ovo je još jedna vrsta zlouporabe u kojoj se Coinhive implementira uz zlonamjerni softver putem lažnog ažuriranja Jave .^(Java)

Cryptojacking u Android uređajima^{(Cryptojacking in Android devices)}

Otkrivena je Android varijanta Coinhivea koja^(Coinhive) cilja ruske korisnike. Ovaj trend sugerira da se Cryptojacking širi i na mobilne aplikacije.

Typosquatted domene koje ugrađuju Coinhive^{(Typosquatted domains embedding Coinhive)}

Netko je registrirao domenu “twitter.com.com” i učitao Coinhive na nju. U suštini, korisnici koji su pogrešno upisali Twitterov URL i dospjeli na tu web stranicu rudarili bi Monero za vlasnika domene sve dok su ostali na web stranici.

Cryptojacking putem usluga u oblaku^{(Cryptojacking through cloud services)}

Cyber ​​kriminalci otimaju nezaštićene Cloud platforme i koriste ih za rudarenje kriptovalute.

Microsoft je obavijestio o varijacijama Coinhivea koje su uočene u divljini. Takav razvoj događaja ukazuje da je uspjeh Coinhivea motivirao pojavu sličnog softvera od strane drugih strana koje se žele pridružiti ovom tržištu.^{(Microsoft has notified of variations of Coinhive being spotted in the wild. Such a development indicates that Coinhive’s success has motivated the emergence of similar software by other parties that want to join this market.)}

Minr – Pojavljuje se^{(A Coinhive)} alternativa Coinhive

Korištenje Coinhivea^(Coinhive) od strane legitimnih korisnika općenito je u padu zbog nepopularnosti koju je dobivao od svog pokretanja. Coinhive je također lako ući u trag, što je još jedna činjenica da ga njegovi budući obožavatelji ne koriste na svojoj web stranici.

Stoga je, kao alternativu, tim Minr -a razvio opciju “ zamućivanja^{(obfuscation)} ”, što znatno otežava praćenje rudara. To olakšava skrivenu upotrebu alata. Ova je značajka toliko učinkovita da skriva kod^{(hides the code)} čak i za popularni anti-malware alat Malwarebytes .

Kako ostati zaštićen od Cryptojackinga

Cryptocurrencies & Blockchain tehnologija osvaja svijet. To stvara utjecaj na globalnu ekonomiju i također uzrokuje tehnološke poremećaje . Svi su se počeli fokusirati na tako unosno tržište – a to uključuje i hakere na web stranicama. Kako se prinosi povećavaju, treba očekivati ​​da će se takve tehnologije zloupotrijebiti.

Biti pažljiv tijekom pregledavanja nešto je što morate redovito prakticirati ako se želite kloniti prijevara Cryptojackinga. Nalazite se na ugroženom web-mjestu ako primijetite iznenadni skok u upotrebi memorije i usporenu izvedbu na računalu. Najbolja radnja ovdje je zaustaviti proces napuštanjem web stranice i ne posjetiti je ponovno.

Također biste trebali instalirati dobar sigurnosni softver^{(good security software)} i održavati ga ažuriranim, kao i uključiti vatrozide i ne klikati na sumnjive veze tijekom pregledavanja^{(not click on suspicious links while browsing)} .

Kao jednu od mjera opreza možete koristiti Anti-WebMiner programe.

Upotrijebite proširenje preglednika koje web-mjestima blokira korištenje vašeg CPU-a za rudarenje kriptovaluta . Ako koristite preglednik Chrome , instalirajte^(Install) proširenje minerBlock. To je korisno proširenje za preglednik Chrome za blokiranje rudara kriptovaluta na webu na cijelom webu. Osim CoinHivea^(CoinHive) čak blokira i Minr .

Još jedna neophodna mjera opreza je ažuriranje vaše Hosts datoteke^{(Hosts file)} kako biste blokirali coinhive.com i druge domene za koje se zna da omogućuju neovlašteno rudarenje. Zapamtite^(Remember) , Cryptojacking i dalje raste sa sve više i više ljudi koji privlače kriptovalute, tako da će se vaše liste blokiranih morati redovito ažurirati.

Spriječite CoinHive^{(Prevent CoinHive)} da zarazi vašu web stranicu

1. Nemojte koristiti nikakve NULL predloške ili dodatke na svojoj web stranici/forumu.
2. Neka vaš CMS bude ažuriran na najnoviju verziju.
3. Redovito ažurirajte svoj softver za hosting ( PHP , baza podataka^(Database) itd.).
4. Osigurajte svoju web stranicu^{(Secure your website)} s pružateljima web sigurnosti kao što su Sucuri , Cloudflare , Wordfence itd.
5. Poduzmite osnovne mjere opreza kako biste osigurali svoj blog^{(precautions to secure your blog)} .

Stay alert, stay safe!

Cryptojacking the new browser mining threat you need to know about

Cryptojacking or malicious cryptomining is a new trick used to mine Cryptocurrencies on a user’s computer using their CPU resources in the background without their knowledge. Typically, the cybercriminal loads a script into the victim’s web browser which contains a unique site key to force the user to enrich them.

If you are struggling with a slow PC or internet connection, do not just blame the vendor or service provider yet because you may be a victim of a new trick used by the hackers called as browser Cryptojacking.

The evolution of Cryptojacking is attributed to the soaring interest in Cryptocurrencies for the past few months. Look at Bitcoin for the past few months or so, and its value has gone up by more than 1,000%. This has attracted attention from hackers as well and so has given birth to dangerous practices such as Crytptojacking.

What is Cryptojacking

Emergence

Before we understand what Cryptojacking is, first let us know about Cryptomining.

Cryptomining or Cryptocurrency Mining is the process by which a cryptocurrency comes into existence, using the blockchain technology. Cryptomining also lets new cryptocurrency coins get released on the market. Mining is carried out by certain peers of the cryptocurrency network who compete (individually or in groups) in solving a difficult mathematical problem, called proof-of-work

In September 2017, Coinhive debuted in the market, offering to mine the cryptocurrency called Monero (XMR). Coinhive basically offers a piece of code written in JavaScript which website owners can simply embed it on their website. Coinhive introduced a new business model for website claiming that website owners can remove ads from their websites, and load Coinhive instead.

When users access a website with Coinhive embedded, Coinhive initiates the process of crypto mining on behalf of the website owner by using user system resources (that is why PC’s often become slow). The visitors to the website represent the group of nodes doing the intensive computational work to solve the mathematical problem. However, instead of them receiving the reward when solving the challenge, the website owner receives it. Hence, website owners can supposedly still make a profit and support their businesses, without supposedly bothering their visitors with advertisements.

Although Coinhive was meant to be legitimate, its concept led to the emergence of similar software, which is now used by cyber criminals for Cryptomining abuse or Cryptojacking.

In short, Cryptojacking is the technique of hijacking browsers for mining cryptocurrency, without user consent. Delivering cryptocurrency miners through malware is a known fact, but mining cryptocurrency when accessing a webpage is new and has led to the attackers abusing for personal gains.

Cryptojacking is not a traditional malware

Cryptojacking does not harm your PC like traditional malware or ransomware act. Neither does it store or lock down anything on the hard drive. Hence, it in itself is not a malware as such, but it can certainly be introduced into your system using malware.

Cryptojacking, similar to malware, uses your PC resources without your permission. It can cause the PC and browsers to work extremely sluggish, drain the battery and raise the electricity bills without you even realizing the same.

Consequences of Cryptojacking

Cryptojacking can affect Windows OS as well as Mac OSX & Android. There have been numerous cases of Cryptojacking reported recently. Some of the common types include the following:

Websites using Coinhive deliberately

Pirates Bay was one of the first major player guilty of using Coinhive deliberately. The issue was that it was done transparently, without the visitors’ consent. Once the crypto mining script was discovered, Pirate Bay issued a statement mentioning that it was testing this solution as an alternative revenue source. Researchers fear that there are many such websites which are already using Coinhive without visitor’s consent.

Coinhive injected into compromised websites

Researchers identified compromised WordPress and Magento websites that had Coinhive, or a similar JavaScript-based miner injected into them.

Read: What to do if Coinhive crypto-mining script infects your website.

Cryptojacking using browser extensions

In-browser cryptojacking uses JavaScript on a web page to mine for cryptocurrencies. JavaScript runs on just about every website you visit, so the JavaScript code responsible for in-browser mining does not need to be installed. As soon as you load the page, and the in-browser mining code just runs.

There are cases of web browser extensions embedding Coinhive where cryptomining software run in the background and mined “Monero” while the browser was running -and not only when visiting a specific website.

Cryptojacking with malware

This is another type of abuse where Coinhive is being deployed alongside malware through a fake Java update.

Cryptojacking in Android devices

An Android variant of Coinhive has been detected targeting Russian users. This trend suggests that Cryptojacking is expanding to mobile applications as well.

Typosquatted domains embedding Coinhive

Someone registered the “twitter.com.com” domain and loaded Coinhive to it. Essentially, users who mistyped Twitter’s URL and landed on that webpage would mine Monero for the domain owner for as long as they remained at the webpage.

Cryptojacking through cloud services

Cybercriminals are hijacking unsecured Cloud platforms and using them to mine cryptocurrency.

Microsoft has notified of variations of Coinhive being spotted in the wild. Such a development indicates that Coinhive’s success has motivated the emergence of similar software by other parties that want to join this market.

Minr – A Coinhive alternative emerges

The use of Coinhive by legitimate users has in general been on decline owing to the unpopularity that it has been receiving since its launch. Coinhive is also easily traceable which is another fact that its prospective admirers are not using it on their website.

So, as an alternative, the team of Minr, has developed an option of “obfuscation”, which makes it much more difficult to track the miner. This facilitates the hidden use of the tool. This feature is so effective that it hides the code even for the popular anti-malware tool Malwarebytes.

How to stay protected from Cryptojacking

Cryptocurrencies & Blockchain technology is taking over the world. It is creating an impact on the global economy and causing technology disruptions as well. Everyone has started focusing on such a lucrative market – and this includes website hackers too. As returns increase, we should expect that such technologies will be misused.

Being observant while browsing is something that you have to practice regularly if you want to stay away from Cryptojacking frauds. You are on a compromised website if you see a sudden spike in memory usage and sluggish performance on your PC. The best action here is to stop the process by exiting the website, and not visit it again.

You should also install a good security software and keep it updated, as well as turn on firewalls and not click on suspicious links while browsing.

You can use Anti-WebMiner programs as one of the precautions.

Use a browser extension that blocks websites from using your CPU for crypto mining. If you use Chrome browser, then Install minerBlock extension. It is a useful extension for Chrome browser to block web-based cryptocurrency miners all over the web. Apart from CoinHive it even blocks Minr.

Another necessary precaution is to update your Hosts file to block coinhive.com and other domains that are known to enable unauthorized mining. Remember, Cryptojacking is still growing with more and more people drawing towards Cryptocurrencies, so your blocklists will have to be regularly updated.

Prevent CoinHive from infecting your website

1. Don’t use any NULL templates or plugins on your website/forum.
2. Keep your CMS updated to the latest version.
3. Update your hosting software regularly (PHP, Database, etc.).
4. Secure your website with web security providers like Sucuri, Cloudflare, Wordfence, etc.
5. Take basic precautions to secure your blog.

Stay alert, stay safe!

Related posts

• Kako izbjeći phishing prijevare i napade?

• Što je trojanac za daljinski pristup? Prevencija, otkrivanje i uklanjanje

• Uklonite virus s USB flash pogona pomoću naredbenog retka ili batch datoteke

• Rogue Security Software ili Scareware: Kako provjeriti, spriječiti, ukloniti?

• Što je Win32:BogEnt i kako ga ukloniti?

• Kako provjeriti ima li u registru zlonamjernog softvera u sustavu Windows 11/10

• Kako ukloniti upozorenje o virusu iz Microsofta na Windows računalu

• Što je IDP.generic virus i kako ga ukloniti?

• Najbolji online skeneri zlonamjernog softvera za skeniranje datoteke

• Provjerite je li vaše računalo zaraženo zlonamjernim softverom ASUS Update

• Što je cyber kriminal? Kako se nositi s tim?

• Kako spriječiti zlonamjerni softver - Savjeti za osiguranje sustava Windows 11/10

• Napadi zlonamjernog oglašavanja: definicija, primjeri, zaštita, sigurnost

• Što je Rootkit? Kako funkcioniraju rootkiti? Rootkiti su objašnjeni.

• Kako Microsoft identificira zlonamjerni softver i potencijalno neželjene aplikacije

• Pogreška navedenog modula nije pronađena u sustavu Windows 11/10

• Kako ukloniti Chromium virus iz sustava Windows 11/10

• Ispravite pogrešku neuspjelog pretraživanja pri pokretanju Chromeovog skenera zlonamjernog softvera

• Što je CandyOpen? Kako ukloniti CandyOpen iz Windows 10?

• Alati za udaljenu administraciju: rizici, prijetnje, prevencija