Australia heavily targeted by drive-by mining

By Dylan Bushell-Embling
Thursday, 09 November, 2017

02636frh carousel

Australia is the most heavily targeted nation among eight major Asia–Pacific markets by drive-by cryptocurrency mining attacks, according to research from Malwarebytes.

Drive-by mining involves websites using JavaScript code to hijack unsuspecting visitors’ processing power to mine cryptocurrencies.

Malwarebytes’ research found that Australian internet users had 12.2 million drive-by mining events in the month of October alone, twice as much as the Philippines, the next most exposed Asian market. But Australia did not make it into the top 10 most targeted countries worldwide.

Globally, Malwarebytes software blocked an average of eight million attempts to conduct unauthorised drive-by mining per day throughout August and 248 million attempts for the entire month.

Unlike major cryptocurrencies such as Bitcoin, which require massive computing power to generate new codes, drive-by mining typically focuses on lesser-used cryptocurrencies that are designed to be mined using home computers such as Monero.

The legal status of drive-by mining is currently up in the air, with some experts arguing that the practice could serve to replace advertising as a source of revenue for websites as use of ad blockers increases.

Malwarebytes noted that the issue of drive-by mining was brought to light by the discovery that torrent website the Pirate Bay was using the technique without users’ awareness. In addition, many sites are not enforcing any kind of throttling, which can tax and slow down a computer system and contribute to higher power bills.

In addition, there is so much interest around cryptocurrencies that miners themselves have become frequent targets of hijack attacks. The Coinhive miner’s DNS records were recently captured and pointed to a third-party server, ensuring all profit from mining transactions went to the attackers.

“Browser-based cryptomining has a lot in its favour considering that the online ad industry as one example has been dealt many blows over the past few years, in large part due to the increased usage of ad blockers,” Malwarebytes ANZ Regional Director Jim Cook said.

“In the end, the future success of web-based mining as a business model will be based on honest communication with users and the almost mandatory opt-in, which is the main characteristic that differentiates it from drive-by mining. The problem can be summarised by a fundamental question asked many times: ‘Are you running a coin miner on your site or have you been hacked?’ Clearly, trust will only be gained with transparency in the year ahead.”

Follow us and share on Twitter and Facebook

Related Articles

Tech giants sign cybersecurity accord

A group of 34 technology giants has signed an accord agreeing not to assist governments in...

Canberra blames Russia for cyber incidents

Russian state-sponsored actors were responsible for router-based cyber attacks in October 2017,...

40% of hackers can exfiltrate data in an hour

The second annual Nuix Black Report shows that 40% of hackers say they can break into a system,...

  • All content Copyright © 2018 Westwick-Farrow Pty Ltd