Cryptojacking craze that drains your CPU now done by 2,500 sites

by
Dan Goodin
from Ars Technica - All content on (#37D9P)
maxed-out-cpu-800x558.jpg

Enlarge / A music streaming site that participated in Coinhive crypto mining maxes out the visitor's CPU. (credit: Malwarebytes)

A researcher has documented almost 2,500 sites that are actively running cryptocurrency mining code in the browsers of unsuspecting visitors, a finding that suggests the unethical and possibly illegal practice has only picked up steam since it came to light a few weeks ago.

Willem de Groot, an independent security researcher who reported the findings Tuesday, told Ars that he believes all of the 2,496 sites he tracked are running out-of-date software with known security vulnerabilities that have been exploited to give attackers control. Attackers, he said, then used their access to add code that surreptitiously harnesses the CPUs and electricity of visitors to generate the digital currency known as Monero. About 80 percent of those sites, he added, also contain other types of malware that can steal visitors' payment card details.

"Apparently, cyberthieves are squeezing every penny out of their confiscated assets," he said.

Read 6 remaining paragraphs | Comments

index?i=7oXmm71gGiI:ONsprhUGlLI:V_sGLiPB index?i=7oXmm71gGiI:ONsprhUGlLI:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments