LIVE
Telegram Wallet Offers Tokenized SK Hynix Shares via xStocks: ReportKraken Plans Agentic Trading With AI Bots for Crypto InvestorsEmpery Digital Sells 1,400 BTC for $87.1M, Cuts Bitcoin TreasuryGarlinghouse Says SEC Nearly Forced Ripple to Shut DownPolymarket Launches Combo Trading for Prediction BetsBitcoin Policy Institute Moves to Intervene in Satoshi LawsuitBonzo Alleged Exploiter Holds $7 Million in ETH, Report SaysCrypto Clarity Act Could Reach U.S. Senate by July 13: ReportRobinhood AI Agents Could Bring Crypto Trading to US Users SoonKraken to Relaunch Mobile App With AI-Powered Agentic Trading FeatureTelegram Wallet Offers Tokenized SK Hynix Shares via xStocks: ReportKraken Plans Agentic Trading With AI Bots for Crypto InvestorsEmpery Digital Sells 1,400 BTC for $87.1M, Cuts Bitcoin TreasuryGarlinghouse Says SEC Nearly Forced Ripple to Shut DownPolymarket Launches Combo Trading for Prediction BetsBitcoin Policy Institute Moves to Intervene in Satoshi LawsuitBonzo Alleged Exploiter Holds $7 Million in ETH, Report SaysCrypto Clarity Act Could Reach U.S. Senate by July 13: ReportRobinhood AI Agents Could Bring Crypto Trading to US Users SoonKraken to Relaunch Mobile App With AI-Powered Agentic Trading Feature
Homepage/News/Cryptojacking Attacks Still On The Rise Even After Coinhive Shutdown
NEWS

Cryptojacking Attacks Still On The Rise Even After Coinhive Shutdown

BY Anca Florentis·2 MIN READ·MAY 3, 2019

Cryptojacking has been an issue in the world of cryptocurrencies ever since digital assets started gaining traction. The streak of malicious crypto mining is still on the rise even as Coinhive, the infamous cryptocurrency mining script, shut down its services earlier this year.

KEY FINDINGS - EVIDENCE LEVEL: MULTI-SOURCE
1Key sections mapped in this report
3Internal references connected to related coverage
1External source domains cited in the article
2 minEstimated time to read the full report

Malwarebytes has reportedly blocked over 200,000 requests to link to Coinhive, just one day after the service officially shut down on March 8, 2019. Malwarebytes also revealed that they had found out a new mining software called ‘WebMinePool,’ that targets the web routers which were the previous aim of the Coinhive script.

“Interestingly, we still detect thousands of blocks for Coinhive-related domain requests, even though the service announced it was shutting down on March 8. Over the past week, our telemetry recorded an average of 50,000 blocks per day.” – read the official release issued by Malwarebytes.

According to the website, the reason why these websites can still be infected is due to the fact that many of these pages never had the remnants of previous Coinhive attacks completely removed from their code. That meant that bits of the JavaScript code which was used to request data from the Coinhive library are still present in the pages, meaning that attackers can use this route to once again infect the website.

The threat of Coinhive’s legacy prompted Mozilla Firefox to address this issue after the popular browser issued a statement called ‘Protecting Against Fingerprinting and Cryptocurrency Mining Available in Firefox Nightly and Beta.’

“At Mozilla, we have been working hard to protect you from threats and annoyances on the web, so you can live your online life with less to worry about. Last year, we told you about adapting our approach to anti-tracking given the added importance of keeping people’s information on the web private in today’s climate.” – read the report issued by Mozilla.

SOURCE TRANSPARENCY
  • External Source - Referenced domain: malwarebytes.com
  • Byline - Reported by Anca Florentis
  • Coverage Desk - Primary editorial category: News
  • Media Asset - Featured image served from the WordPress media library