New 'Malvertising' Threat Hijacks Browsers to Mine Cryptocurrencies An unknown hacker or group of hackers has targeted some video streaming and gaming sites with “malvertising,” which uses online ads as channels to transmit script that causes visitors’ browsers to mine altcoins for the perpetrator.
A blog post on September 14, 2017, by ESET malware researcher Matthieu Faou revealed that an actor, or set of actors, has been using “malvertising” to harness the computing power of unsuspecting visitors to certain websites for the purpose of mining altcoins.
The term “malvertising” refers to the practice of delivering malicious code to a website via an online ad network without the victim actually downloading anything to the affected device. Advertising network operators are unaware of the malicious content being sent to websites on the network. The content contains code that can adversely impact the browsing experiences of these sites’ users and potentially even put their privacy at risk.
In this particular attack, of which victims seem to be concentrated in Russia, Ukraine, and to a lesser extent Belarus, Kazakhstan, and Moldova, the malvertising hijacks the victim’s browser to mine altcoins while the victim is browsing the affected web page. Once the victim navigates away, the mining stops because no malware was actually downloaded. This is noteworthy because downloadable malware is the preferred mechanism by which cybercriminals use the computing power of others to mine for themselves.
While certain cryptocurrencies like bitcoin now require specialized hardware to mine them effectively, Feathercoin and Litecoin, two of the cryptocurrencies sought by the perpetrator(s) of this attack, are designed to be minable via regular CPUs. Faou’s post revealed that all ...