A practice referred to as drive-by cryptomining has increasingly attracted attention in recent months as a relatively new way for bad actors to generate cryptocurrency. The practice works by leveraging the CPU resources of visitors to websites that have either been hacked or are otherwise malicious, potentially tapping into the power of millions of PCs. The one catch, however, is that the mining only persists as long as someone is on the website, stopping the second a visitor navigates away from the malicious page. A new technique recently discovered by researchers, however, allows for persistent drive-by cryptomining even after someone has left the website or otherwise exited the browser window.
Described by researchers at Malwarebytes (via Ars Technica), the new method discreetly opens a pop-under window that hides behind the clock on the Windows taskbar. Once open, the window sits there, continuing to mine cryptocurrency while eating up CPU resources in a way so as not to attract attention from most users. From Malwarebytes:
This type of pop-under is designed to bypass adblockers and is a lot harder to identify because of how cleverly it hides itself. Closing the browser using the "X" is no longer sufficient. The more technical users will want to run Task Manager to ensure there is no remnant running browser processes and terminate them. Alternatively, the taskbar will still show the browser's icon with slight highlighting, indicating that it is still running.
Interestingly, while CPU usage spikes to above 50 percent while the window is open, the code at work has been designed in such a way as to not max out CPU activity, ensuring that it is more likely to go unnoticed.
The researchers observed the technique working with the latest version of Google Chrome on Windows 7 and Windows 10. As for other browsers, the firm says "results may vary." As Malwarebytes suggests, it might be wise to keep an eye on task manager to make sure no extra browser processes remain running after you've exited the window. If a window is running, the browser's icon should remain highlighted on the taskbar as well.
Samsung's next Galaxy Unpacked is April 28. Are new laptops on the way?
Samsung has a new Galaxy Unpacked event happening on Wednesday, April 28th. What is odd is Samsung has already announced all its flagship phones for this season, suggesting this could be about its non-phone hardware. We have a few ideas based on recent leaks ...
Beoplay Portal for Xbox first look: Premium feel meets puzzling oversights
Bang & Olufsen caught the gaming world off guard with the launch of its ultra-premium Beoplay Portal headset. With an eye-watering $500 price, the headset cost as much as an Xbox Series X. But is it worth it? Here are some early thoughts.
Could Microsoft roll out a handheld Xbox console to take on Nintendo?
Since the dawn of time, man has looked to the heavens and asked, "what if Microsoft made an Xbox handheld?" For fun, let's imagine what that could potentially look like.
Add a bunch of ports to your Surface Laptop 4 with USB-C hubs and adapters
The Surface Laptop 4's port selection hasn't really changed, and many people will still need a hub or adapter to maximize connectivity. We've rounded up a bunch of the best right here.