A practice referred to as drive-by cryptomining has increasingly attracted attention in recent months as a relatively new way for bad actors to generate cryptocurrency. The practice works by leveraging the CPU resources of visitors to websites that have either been hacked or are otherwise malicious, potentially tapping into the power of millions of PCs. The one catch, however, is that the mining only persists as long as someone is on the website, stopping the second a visitor navigates away from the malicious page. A new technique recently discovered by researchers, however, allows for persistent drive-by cryptomining even after someone has left the website or otherwise exited the browser window.
Described by researchers at Malwarebytes (via Ars Technica), the new method discreetly opens a pop-under window that hides behind the clock on the Windows taskbar. Once open, the window sits there, continuing to mine cryptocurrency while eating up CPU resources in a way so as not to attract attention from most users. From Malwarebytes:
This type of pop-under is designed to bypass adblockers and is a lot harder to identify because of how cleverly it hides itself. Closing the browser using the "X" is no longer sufficient. The more technical users will want to run Task Manager to ensure there is no remnant running browser processes and terminate them. Alternatively, the taskbar will still show the browser's icon with slight highlighting, indicating that it is still running.
Interestingly, while CPU usage spikes to above 50 percent while the window is open, the code at work has been designed in such a way as to not max out CPU activity, ensuring that it is more likely to go unnoticed.
The researchers observed the technique working with the latest version of Google Chrome on Windows 7 and Windows 10. As for other browsers, the firm says "results may vary." As Malwarebytes suggests, it might be wise to keep an eye on task manager to make sure no extra browser processes remain running after you've exited the window. If a window is running, the browser's icon should remain highlighted on the taskbar as well.
Minecraft Dungeons: 10 things that we'd love to see improved
Minecraft Dungeons is a great game, but as we max out the game and hit full completion, there are a few things we think could easily be improved. Here are ten of them.
How Microsoft Teams changed my football team during the pandemic
The global health crisis caused my football team's practices and season to be canceled. To continue coaching, we switched to virtual classroom sessions using Microsoft Teams.
Twitter PWA picks up a simple tweet scheduler in latest update
Twitter's PWA is now showing a tweet scheduler, which was previously only in testing for some users. The feature has long been a part of TweetDeck, but it is now available to anyone using twitter.com or the Twitter progressive web apps, including from the Microsoft Store.
Best Xbox-themed Pride Accessories
June is LGBT Pride Month, which means that it's time to show your spirit! Check out these awesome Xbox-themed LGBT Pride accessories.
