Bitcoin mining has gained popularity, coupled with its huge current value, people are exploring several means of mining the cryptocurrency with out having to invest in hardware dedicated for the process.
Sometime ago, the Pirate Bay was caught using visitors' CPU time to mine for cryptocurrency in the background and ever since then, more website owners have indulged in the process. Security researchers are now saying that some website owners are using a drive-by mining technique that allows them to continue using visitors CPU to mine even after the visitor has left the site.
According to researchers from security firm Malwarebytes who made the discovery, the researchers described that form of mining as "persistent drive-by cryptomining" which is most likely to go unnoticed by most site visitors.
The security researchers explained that a pop-under is used to enable cryptomining to continue even after a visitor has left a site that has an embedded cryptominer. One major reason why the pop-under goes unnoticed is that the pop under is very small and is positioned almost off the screen.
"This type of pop-under is designed to bypass adblock and is a lot harder to identify because of how cleverly it hides tself. Closing the browser using the 'X' is no longer sufficient. The more technical users will want to run Task Managers to ensure there is no remnant running browser processes and terminate them. Alternatively, the taskbar will still show the browser's icon with slight highlighting, indicating that it is still running." Malwarebytes' Jerome Segura said in a blog post.
"Unscrupulous website owners and miscreants alike will no doubt continue to seek ways to deliver drive-by mining, and users will try to fight back by downloading more adblockers, extensions, and more tools to protect themseilves. If malvertising wasn't bad enough as is, now it has a nnew weapon that works on all platforms and browser."