Dodgy sites continue mining cryptocurrency even after you close your browser

2 min read


Earlier this year, we told you that a few dodgy sites were surreptitiously running cryptocurrency miners in the background. By just directing your browser towards a certain site, your PC and your electricity would be used to earn money for other people. The Pirate Bay pulled this trick for a while, before enraged users digitally rioted.

Now some dodgy sites are making it so they continue to mine from your PC, even after you’ve closed your browser. Malwarebytes detailed how it works in a blog post, and it’s really quite sneaky.

Dodgy sites (in this case, a purveyor of pornography) load up scripts that open hidden pop-under windows which then hide under taskbars, mining cryptocurrency in the background. Cleverly, mining is throttled, as to not utilise your entire CPU, in an attempt to stay under the radar. It’s designed to bypass adblockers, meaning your fancy plugins probably won’t notice it.

If you’ve noticed your PC running a just a little more sluggish than usual, it’s possible you’ve visited a dodgy site and become victim to a bit of drive-by mining.

“This type of pop-under is designed to bypass adblockers and is a lot harder to identify because of how cleverly it hides itself,” says Jérôme Segura, Malwarebytes’ Lead Malware Intelligence Analyst. “Closing the browser using the “X” is no longer sufficient.”

Thankfully, there are ways to mitigate this. While most adblockers and Antivirus programs won’t notice this behaviour, there are a few extensions like No Coin for Firefox and Chrome that stop mining scripts in their tracks.

Last Updated: November 30, 2017

Geoffrey Tim

Editor. I'm old, grumpy and more than just a little cynical. One day, I found myself in possession of a NES, and a copy of Super Mario Bros 3. It was that game that made me realise that games were more than just toys to idly while away time - they were capable of being masterpieces. I'm here now, looking for more of those masterpieces.

Check Also

Scamming Steam game contains malware and cryptominer

Many rightfully criticised Valve for opening Steam’s floodgates, with the worry that the a…