PDA

View Full Version : computer security notice: Cryptojacking .. you may not be not safe ...



arthurking83
21-04-2018, 2:29pm
No matter which OS, browser or security set up you may be running.
Makes no difference if you run Win, Linux, Mac or whatever .. it's Javascript, and every browser uses it.

Cryptojacking (https://www.bleepingcomputer.com/news/security/coinhive-is-rapidly-becoming-a-favorite-tool-among-malware-devs/)

Summary, for those not interested in reading technogobbeldygook:

Basically just opening a webpage in your browser could have you adding profits to the coffers of unscrupulous types .. and even legitimate sites.

I'm sure by now many people have heard of Bitcoin. A cryptocurrency that's made the news over the past 12 or so months.
Cryptocurrencies can be mined on the web, and money can be made in doing so.
So some folks have made programs to do just that, and of course in doing so, other devs see this as an opportunity to use your computer for their self serving needs .. ie. their profit.

Seems that some browser addons may be surreptitiously doing this to your computer system.
eg. given in the link points to a Chrome addon hypocritically called SafeBrowse. :rolleyes:

Certainly mis typed web pages may be.
Some sites apparently openly added this to their setup, to help them make money without displaying more ads.
Be weary of any adware you may have unknowingly installed, eg. if you use a free program, or trial a program, or browser addon.
Site could be hacked, and the profiteering types added the cryptocoinmalware to help themselves .. eg. blogs sites and so forth.

Symptoms: high CPU usage for no apparent reason.

Be safe .. and vigilant!

John King
21-04-2018, 5:09pm
Thanks, Arthur.

Having "too much" security is like having too much good health or too many good friends.

Same principle applies to backups ...

Start with strong firewall/security settings in your ADSL/cable modem/router.

Use a desktop based firewall.

Use good desktop antivirus software. I prefer MalwareBytes Premium. Multi year, multi computer licences cut the cost per seat dramatically.

I also run separate antispyware software. And a further software firewall program that is downright bloody-minded about the checksum of any program that's trying to access either our own network or the Internet.

Never open anything you haven't been expecting, even if from someone you know ...

With Windows computers, ensure that "hide file extensions for known file types" is turned off. It is turned on by default ...

Tannin
21-04-2018, 5:28pm
Good advice from John (who is reliable on every computer topic). (Except one :) ) Adding to it -

Good ad-blocking software is essential - more important than AV & anti-spyware. Most (but not all) drive-by malware arrives via advertising. Blocking that avenue off is a big part of your comprehensive, multi-layered security routine.

John King
21-04-2018, 5:34pm
Spot on, Tony. I missed that one. I also run ad blocking s/w with all the browsers I use.

ameerat42
21-04-2018, 6:30pm
Ta guys...

- - - Updated - - -

Hah! Speak of the DEBBILS!
So all of a sudden this popped up in a new tab.

I've NEVVA seen the like before, and have had ABP for ages :confused013

Are there any learned comments that might assuage some incipient anxiety?

135506

- - - Updated - - -

This was the url: moz-extension(colon double-slash)7b255699-ea28-4efd-9fe3-6ae4e07abb6e/updates.html

John King
21-04-2018, 7:38pm
Spot on, Tony. I missed that one. I also run ad blocking s/w with all the browsers I use.

I also forgot to mention about not allowing redirection in browser windows.

Tannin
21-04-2018, 7:44pm
I have no specific information on that AM, but I had the same thing when I restarted Firefox yesterday. It is normal for various other add-ins to take you to a similar page after an update. So do, some don't. I haven't seen ABP do this before. Possibly they have changed their policy, possibly it is the first time they have done an update since I first installed it -though this seems unlikely as that was quite some time ago.

It was a useful message insofar as it drew my attention to a new feature: ABP now offers an option to accept well-behaved advertising (no Flash, no sounds, no movies, no flashing lights, limited amount of page space, no pop-ups, and so on) but with tracking blocked. I've always switched the ABP "well behaved ads" option off in the past, but decided to give this new version of it a try. It has twin benefits: it provides some income for ABP (which is fine by me) and encourages responsible, non-intrusive advertising. I don't actually object to ads as such, only annoying ones. (And ones which track me.) These "non-annoying" ads are placed by agencies which have signed up to a reasonable code of conduct: I'm happy to encourage them for the time being and see how things go.

Too early to say anything much about how it works. I only use ABP on Firefox (I have other ad-blockers on my other browsers) and don't use Firefox all that much. If I have forgotten all about the experiment in a week or two, then nothing is annoying me and I'll call it a success.

ameerat42
21-04-2018, 7:49pm
Ta JK. You know, I have two ad-blockers installed: ABP and AdBlocker Ultimate.
They don't clash and just sit there trying to outdo each other. I'll just see what
happens. I sort of guessed that screen was not malware.

John King
21-04-2018, 8:32pm
Am, it's always good to have multiple layers, as Tony already mentioned. Even if something malignant does jump out of your browser, chances are that your (good) real time antivirus s/w will also try to catch it on the way past ... If there are enough tank traps, almost all the nasties will get got.