topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Sunday December 15, 2024, 10:36 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

« previous next »
Pages: [1] • bottom

Author Topic: SafeBrowse chrome extension hides a cpu draining trojan  (Read 6239 times)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
SafeBrowse chrome extension hides a cpu draining trojan
« on: September 24, 2017, 08:46 AM »
SafeBrowse, a Chrome extension with more than 140,000 users, contains an embedded JavaScript library in the extension's code that mines for the Monero cryptocurrency using users' computers and without getting their consent. The additional code drives CPU usage through the roof, making users' computers sluggish and hard to use.


From https://www.bleeping...hat-drains-your-cpu/

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,778
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: SafeBrowse chrome extension hides a cpu draining trojan
« Reply #1 on: September 26, 2017, 12:11 AM »
Showtime's websites recently did the same thing:

The flagship Showtime.com and its instant-access ShowtimeAnytime.com sibling silently pulled in code that caused browsers to blow spare processor time calculating new Monero coins – a privacy-focused alternative to the ever-popular Bitcoin. The hidden software typically consumed as much as 60 per cent of CPU capacity on computers visiting the sites.

[...]

However, it's extremely unlikely that a large corporation like CBS would smuggle such a piece of mining code onto its dot-coms – especially since it charges subscribers to watch the hit TV shows online – suggesting someone hacked the websites' source code to insert the mining JavaScript and make a quick buck.
-https://www.theregister.co.uk/2017/09/25/showtime_hit_with_coinmining_script/

Shades

  • Member
  • Joined in 2006
  • **
  • Posts: 2,939
    • View Profile
    • Donate to Member
Re: SafeBrowse chrome extension hides a cpu draining trojan
« Reply #2 on: September 27, 2017, 09:29 AM »
There is talk about doing just this on sites that offer free content. This type of script should then replace banners/ads on those websites.

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,644
    • View Profile
    • Donate to Member
Re: SafeBrowse chrome extension hides a cpu draining trojan
« Reply #3 on: September 27, 2017, 08:49 PM »
NoCoin

No coin is a tiny browser extension aiming to block coin miners such as Coinhive.

I was looking at just doing a small GreaseMonkey/TamperMonkey script just to block them all, this is a bit better in that you can whitelist if you want.

The current blacklist it uses:
[Select]
*://coin-hive.com/lib*
*://coin-hive.com/captcha*
wss://*.coin-hive.com/proxy*
*://jsecoin.com/server*
*://*.jsecoin.com/server*
*://static.reasedoper.pw/*
*://mataharirama.xyz/*
*://listat.biz/*
*://lmodr.biz/*
*://minecrunch.co/web/*

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,778
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: SafeBrowse chrome extension hides a cpu draining trojan
« Reply #4 on: October 16, 2017, 12:49 AM »
Politifact is the latest site to be compromised with CoinHive:

https://www.engadget...urrency-mining-code/
Pages: [1] • top
« previous next »