A malvertising campaign is distributing code that mines different cryptocurrencies inside an unsuspecting user’s web browser.
In going after video streaming and gaming sites, attackers have deliberately chosen a target profile that maximizes the productivity of their cryptocurrency mining operations. Bleeping Computer’s Catalin Cimpanu elaborates on this point:
“Both types of sites use lots of resources, and users wouldn’t get suspicious when their computer slowed down while accessing the site. Furthermore, users tend to linger more on browser games and video streaming services, allowing the mining script to do its job and generate profits for the crooks.”
Bad actors are increasingly turning to malware equipped with cryptocurrency miners in order to profit from unsuspecting users. In the first eight months of 2017, the number of users victimized by cryptocurrency mining software grew to 1.65 million. Threat actors used a number of attack vectors to distribute the software, including free adware installers and exploits for technical vulnerabilities, such as EternalBlue.