Criminals mine cryptocurrency in users' browsers

Researchers have discovered that criminals are surreptitiously mining cryptocurrencies directly in unsuspecting victims' web browsers.

Security vendor ESET said it had found Javascript files executed by web browsers that mine Zcash, Feathercoin, and the anonymous Monero cryptocurrencies when the user navigates to certain websites.

The Javascript files are spread via malicious advertisements - so-called malvertising - that criminals have purchased, ESET said.

Most of the websites that provided traffic to the Javascript mining files offer video streaming or browser-based gaming.

Criminals choose sites that can mask higher than normal computer processor load caused by the mining scripts, ESET said.

The security vendor found links to Javascript files for cryptocurrency mining being distributed since June last year, after users complained about certain pages using abnormal amounts of processing power.

Using Javascript for cryptocurrency generation is between 1.5 to 2 times slower than native mining malware for specific operating systems. The attackers therefore choose cryptocurrencies that don't require custom hardware to mine effectively, ESET said.

Russia and the Ukraine had the highest instances of malicious mining, according to the security firm.

While the Javascript contained addresses to cryptocurrency wallets, ESET was not able to trace and work out how much money was stored in them.

ESET suggested using well-configured ad blockers or script blockers to protect against unwanted mining Javascript.

Mining Bitcoin via web browsers was the legitimate business of a company name Tidbit, which was sued by the New Jersey attorney-general for using people's computing power without permission. Tidbit folded after reaching a settlement with the New Jersey authorities.