Crypto-miners are all the rage at the moment. When a movie pirating site ran one surreptitiously, it raised a few eyebrows, but then a well-respected news site was found out to do so as well, and now it seems the list of sites secretly using visitors’ browsers to mine for crypto-currency grows every day. A new way of exploiting hapless users’ CPUs for mining is a form of malvertising which is designed to hide perfectly behind Windows’ taskbar.
Essentially, it’s the tried and tested pop-up window malware trick. Unbeknownst to the victim, even after they navigate away from an affected site, the code continues to run in the background, continuing to syphon off alt-coins. This continues even after the browser is closed.
The attraction of this form of malvertising for hackers is that it functions across all platforms and browsers. And it’s nearly impossible to spot. Yet, it is detectable. The windows task bar will indicate that the browser is still active even though all windows are closed – all the user then has to do is to shut down the browser to put an end to the crypto-mining activity.