Here’s a worrying piece of news from the folks at Malwarebytes – persistent cryptocurrency mining scripts that continue to run even when you close the web page running the script.

For those that aren’t aware a crypto-mining script allows a website to utilise your hardware to mine cryptocurrency such as Monero. Earlier this year local technology news website Memeburn was found to be running a crypto-mining script which it says it did not put there.

While ethically using a visitors CPU to mine crypto occupies something of a grey area, users can simply close the website and stop their hardware from being exploited by miscreants.

However researcher Jerome Segura from Malwarebytes has detailed a new iteration of a crypto-mining script that remains active even after the website has been closed.

“The trick is that although the visible browser windows are closed, there is a hidden one that remains opened. This is due to a pop-under which is sized to fit right under the taskbar and hides behind the clock,” writes Segura.

The tests were conducted using the latest version of Google Chrome so results may vary from browser to browser.

The script uses a moderate amount of CPU power to remain undetected and users would need to resize the taskbar to spot to offending window.

The researcher also says that when all browser windows are closed one will remain open and users can right click the window on the taskbar to close it.

Users can also open Task Manager to insure that the webpage has well and truly been closed.

“Unscrupulous website owners and miscreants alike will no doubt continue to seek ways to deliver drive-by mining, and users will try to fight back by downloading more adblockers, extensions, and other tools to protect themselves,” writes Segura.

The researcher says that the script was spotted on an adult website that was already using aggressive advertising so you might want to keep that in mind when browsing on websites that are known to throw a ton of pop-ups and pop-unders your way.


[Source – Malwarebytes][Image – CC 0 Public Domain Pixabay]
Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.