Australia heavily targeted by drive-by mining
Australia is the most heavily targeted nation among eight major Asia–Pacific markets by drive-by cryptocurrency mining attacks, according to research from Malwarebytes.
Drive-by mining involves websites using JavaScript code to hijack unsuspecting visitors’ processing power to mine cryptocurrencies.
Malwarebytes’ research found that Australian internet users had 12.2 million drive-by mining events in the month of October alone, twice as much as the Philippines, the next most exposed Asian market. But Australia did not make it into the top 10 most targeted countries worldwide.
Globally, Malwarebytes software blocked an average of eight million attempts to conduct unauthorised drive-by mining per day throughout August and 248 million attempts for the entire month.
Unlike major cryptocurrencies such as Bitcoin, which require massive computing power to generate new codes, drive-by mining typically focuses on lesser-used cryptocurrencies that are designed to be mined using home computers such as Monero.
The legal status of drive-by mining is currently up in the air, with some experts arguing that the practice could serve to replace advertising as a source of revenue for websites as use of ad blockers increases.
Malwarebytes noted that the issue of drive-by mining was brought to light by the discovery that torrent website the Pirate Bay was using the technique without users’ awareness. In addition, many sites are not enforcing any kind of throttling, which can tax and slow down a computer system and contribute to higher power bills.
In addition, there is so much interest around cryptocurrencies that miners themselves have become frequent targets of hijack attacks. The Coinhive miner’s DNS records were recently captured and pointed to a third-party server, ensuring all profit from mining transactions went to the attackers.
“Browser-based cryptomining has a lot in its favour considering that the online ad industry as one example has been dealt many blows over the past few years, in large part due to the increased usage of ad blockers,” Malwarebytes ANZ Regional Director Jim Cook said.
“In the end, the future success of web-based mining as a business model will be based on honest communication with users and the almost mandatory opt-in, which is the main characteristic that differentiates it from drive-by mining. The problem can be summarised by a fundamental question asked many times: ‘Are you running a coin miner on your site or have you been hacked?’ Clearly, trust will only be gained with transparency in the year ahead.”
Strategies for navigating Java vulnerabilities
Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...
Not all cyber risk is created equal
The key to mitigating cyber exposure lies in preventing breaches before they happen.
How AI can help businesses manage their cyber risks
Artificial intelligence can be a powerful ally in the fight against cyberthreats.