The entire world witnessed the fluctuation of the Bitcoin exchange rates, as the media followed the rapid and unprecedented growth rates of this digital currency, starting with the increase in its exchange rate from $ 0 to $ 1,000 in 1,789 days, and then from $ 1,000 to $ 2,000 within 1,271 days, And from $ 6,000 to $ 7,000 in just 13 days. According to the results of "Google Trends", we find that global searches in pursuit of "buying bitcoin" have far surpassed searches for "buying gold", after overcoming previous searches for "buying silver."
Of course, this massive surge in the exchange rates of Bitcoin and other digital currencies has not been ignored by cyber criminals. For some time now, hackers have used, according to Palo Alto Networks, these currencies to facilitate their operations. For example, they are demanding payment in order to free their victims from ransomware through digital currency accounts, and the spread of this method has been boosted by the high The value of digital currencies, as well as the anonymity feature provided by many digital currency wallets, compared to traditional banking operations.
On the other hand, the great concern over the growing value of digital currencies led many people to turn away from them. However, the results of the latest investigations conducted by researchers at Palo Alto Networks revealed that some of us contribute to making fortunes from digital currencies for the benefit of others, without our knowledge or even getting a part of these gains.
This is done through fraud related to how to collect digital currencies, the process of mining digital currency is one of the complex and programmatic stressful operations, which requires the participation of many computers within the digital currency network, at its maximum capacity, in order to verify the record of a single transaction, which is what It's called blockchain technology, which results in the digital currency in return. Many websites contain code that secretly uses visitors' computers to mine high-value digital currencies. As this code is entered by hackers, who take advantage of the security vulnerabilities of some sites or programs available on the pages of the sites. And cryptocurrency mining hackers can run mining software from their own computers in order to reap big rewards.
However, accomplishing this process requires a high degree of computer processing power, which explains the proliferation of pages and browsers for cryptocurrency mining recently. Although the computer processing capacity of a single device is much less than what is provided by specialized devices, the ability to exploit many users, and across different sites, can replace this.
Coinhive is one of the most popular and popular mining browsers, as it provides site owners with fragments of JavaScript scripts for site users' devices for ease and integration of operations. Although this method is legitimate, and everyone is aware of it, we recently released certain details about how some sites hide JavaScript texts related to Coinhive's digital currency mining process within their sites, without the knowledge of the site's visitors. And what happens then is that the visitor's computing resources will be involved in running the heavily processed mining operation for the duration of his visit to the site.
This process by itself does not cause long-term damage to the systems, it ends as soon as the user leaves the site. Although the site will provide its users with the usual and desired tasks and functions, users will notice a noticeable slowdown in the performance of their systems.
Then, the site owners will reap the bulk of the illicitly minted digital currency. For example, Coinhive users are mining the Moneros digital currency (XMRs) for the benefit of the same site, and Coinhive pays them 70 percent of the mineral value. The designers of this script will get new digital currencies when a website visitor completes the complex processing operations, regardless of the computer system that completed the actual processing. And due to the high value of digital currencies, we will find that these businesses are very profitable even for new players on the scene, including Crypto-Loot, which offers similar services but with 88 percent of the proceeds.
The use of Coinhive or similar mining services is not considered a malicious or malicious activity in and of itself, but how they are used makes them malicious sites. As for the sites whose activities we monitored in the field of cryptocurrency mining, none of them warned the user in any way about the nature of this process and its requirements, let alone informing him of the remote control software that they use in the mining process.
Tags:
technology