Australia heavily targeted by drive-by mining


By Dylan Bushell-Embling
Thursday, 09 November, 2017


Australia heavily targeted by drive-by mining

Australia is the most heavily targeted nation among eight major Asia–Pacific markets by drive-by cryptocurrency mining attacks, according to research from Malwarebytes.

Drive-by mining involves websites using JavaScript code to hijack unsuspecting visitors’ processing power to mine cryptocurrencies.

Malwarebytes’ research found that Australian internet users had 12.2 million drive-by mining events in the month of October alone, twice as much as the Philippines, the next most exposed Asian market. But Australia did not make it into the top 10 most targeted countries worldwide.

Globally, Malwarebytes software blocked an average of eight million attempts to conduct unauthorised drive-by mining per day throughout August and 248 million attempts for the entire month.

Unlike major cryptocurrencies such as Bitcoin, which require massive computing power to generate new codes, drive-by mining typically focuses on lesser-used cryptocurrencies that are designed to be mined using home computers such as Monero.

The legal status of drive-by mining is currently up in the air, with some experts arguing that the practice could serve to replace advertising as a source of revenue for websites as use of ad blockers increases.

Malwarebytes noted that the issue of drive-by mining was brought to light by the discovery that torrent website the Pirate Bay was using the technique without users’ awareness. In addition, many sites are not enforcing any kind of throttling, which can tax and slow down a computer system and contribute to higher power bills.

In addition, there is so much interest around cryptocurrencies that miners themselves have become frequent targets of hijack attacks. The Coinhive miner’s DNS records were recently captured and pointed to a third-party server, ensuring all profit from mining transactions went to the attackers.

“Browser-based cryptomining has a lot in its favour considering that the online ad industry as one example has been dealt many blows over the past few years, in large part due to the increased usage of ad blockers,” Malwarebytes ANZ Regional Director Jim Cook said.

“In the end, the future success of web-based mining as a business model will be based on honest communication with users and the almost mandatory opt-in, which is the main characteristic that differentiates it from drive-by mining. The problem can be summarised by a fundamental question asked many times: ‘Are you running a coin miner on your site or have you been hacked?’ Clearly, trust will only be gained with transparency in the year ahead.”

Follow us and share on Twitter and Facebook

Related Articles

Nation-state actors have their sights on the cloud

Prioritising the protection of credentials and adopting robust security measures can better...

Combating financial crime with AI

Rapid digital transformation across Australia and New Zealand has provided cybercriminals with...

Learning from the LockBit takedown

An international taskforce has seized the darknet sites run by LockBit, but relying on law...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd