Malicious Chrome extension attempted to infect tens of millions of users to mine the Monero cryptocurrency.
Cryptocurrencies are trending and with the rise in popularity has come a rise in its mining. Cryptomining partly determines currency value, however, mining can be expensive, as it requires high amounts of processing power, which can be achieved through huge server farms. Constructing and maintaining the infrastructure, and accessing the electricity necessary to run these farms requires enormous financial investment. To save on costs, cybercriminals instead resort to using the power of your PC or smartphone to mine, and in many cases, they aren’t asking your permission.
Nearly 35 million was a huge spike, compared to the number of times we blocked this miner from mining on our users PCs in the days prior, as can be seen in the chart below.
We have seen several types of cryptomining malware this year, including Adylkuzz which peaked in May, and cryptomining malware that targeted mobile users last month. These examples and the miner that peaked on Sunday have one thing in common: They mine the Monero cryptocurrency. So the question is, why do they all mine Monero and not Bitcoin or any other cryptocurrency?
One reason might be that Monero keeps transactions private, which also comes in handy for the cybercriminals if they want to obscure their activities. Monero uses three different privacy technologies to hide the sender, amount being sent and the recipient, obscuring transaction details. Therefore, Monero has become very popular in general, and its value has grown from under $2 to over $200, which is probably another reason why Monero is the cybercriminals’ currency of choice. While Bitcoin is widely used, it doesn’t keep transactions private and is more difficult to mine compared to Monero, which can be reasonably mined using a browsers’ CPU power.
How to find out if your browser is secretly mining, and what you can do about it
Avast antivirus products detect these embedded miners. In addition, there are a few other strategies you can employ to see if your browser is mining:
- Check to see what scripts your browser has loaded. If you are registering significant CPU load yet there is only one tab in your browser and you are not running anything that should put significant load on your CPU, then odds are you’re being used to mine cryptocurrency.
- If you discover that a site you visit is mining, and you use an ad blocker that lets you add additional URLs to their “block” list, add this website to your list.
- Search the Chrome Web Store—or something similar—for “miner blockers” and see what comes up. Developers have already created ways to automatically detect mining and stop it from occurring.