Windows 10: How does a browser injected coin miner work?

Discus and support How does a browser injected coin miner work? in Browsers and Email to solve the problem; I seem to have fell prey to a website that had either intentionally or unintentionally been injected with a coin miner. I first noticed high CPU temps... Discussion in 'Browsers and Email' started by Kol12, Mar 28, 2018.

  1. Kol12 Win User

    How does a browser injected coin miner work?


    I seem to have fell prey to a website that had either intentionally or unintentionally been injected with a coin miner. I first noticed high CPU temps and thought my CPU cooler had failed. Then I found Chrome's high CPU utilization in Task Manager and then the culprit website through Chrome's own task manager.

    Is this a form of malware? Does it infect the machine permanently? Or is it's focus to gain your system resources rather than personal information? Access to one's PC in any form is not good in my book. None of my AV mitigation's detected the miner.

    Are there any mitigation's that can be put in place to protect ourselves from such breaches? I'm surprised that Chrome does not have a lock on this behavior yet. Appreciate any assistance *Mad

    :)
     
    Kol12, Mar 28, 2018
    #1

  2. Win 10 10586 Remote Desktop intermittantly won't connect from Win 7

    I think I have narrowed this problem down to a command I use to run a cryptocurrency Miner for NVidia called ccminer21. I use it to mine coins. In order to get the miner to start while in a Remote Session to the PC, I use a command "tscon 2 /dest:console
    & ccminer21.exe" to run it, and also with Administrator rights. This allows me to run the miner while in a Remote session. On 10240, there were no problems.

    In 10586, it seems that it will allow me to run the ccminer21 without directing it to the console. But, when I attempt to log back onto the PC, it won't allow me. The fix is to run it with Administrator rights, that way it's not running in my login session,
    it's running with elevated rights, and allows me to login again. So the fix is to always run in Administrator rights. Not sure why it is different in the 10586.

    I also have to use an older version of the Nvidia drivers, the newer drivers are much slower mining the coins. I have contacted Nvidia, and have not received any advice, or comment on that problem. I just run the older drivers and that fixes that particular
    problem.
     
    Charger.Dodge, Mar 28, 2018
    #2
  3. Remote Desktop not working on Win 10 10565

    I think I have narrowed this problem down to a command I use to run a cryptocurrency Miner for NVidia called ccminer21. I use it to mine coins. In order to get the miner to start while in a Remote Session to the PC, I use a command "tscon 2 /dest:console
    & ccminer21.exe" to run it, and also with Administrator rights. This allows me to run the miner while in a Remote session. On 10240, there were no problems.

    In 10586, it seems that it will allow me to run the ccminer21 without directing it to the console. But, when I attempt to log back onto the PC, it won't allow me. The fix is to run it with Administrator rights, that way it's not running in my login session,
    it's running with elevated rights, and allows me to login again. So the fix is to always run in Administrator rights. Not sure why it is different in the 10586.

    I also have to use an older version of the Nvidia drivers, the newer drivers are much slower mining the coins. I have contacted Nvidia, and have not received any advice, or comment on that problem. I just run the older drivers and that fixes that particular
    problem.
     
    Charger.Dodge, Mar 28, 2018
    #3
  4. simrick Win User

    How does a browser injected coin miner work?

    Hi.
    Have a read here:
    https://www.wired.com/story/cryptoja...ining-browser/

    Explains it pretty well. You need some miner blockers in your browsers, at minimum.
     
    simrick, Mar 28, 2018
    #4
  5. Kol12 Win User
    Kol12, Mar 29, 2018
    #5
  6. simrick Win User
    Cheers Kol12. It's a jungle out there! *Wink
    Please mark the thread as solved.
     
    simrick, Apr 5, 2018
    #6
Thema:

How does a browser injected coin miner work?

Loading...
  1. How does a browser injected coin miner work? - Similar Threads - does browser injected

  2. how do i get my coins back?

    in Windows 10 Gaming
    how do i get my coins back?: lost all my coins when I downloaded my vegas downtown slot game to my new pc. how do I get them back? https://answers.microsoft.com/en-us/windows/forum/all/how-do-i-get-my-coins-back/110943ea-24ea-49d0-adce-be5b42bcf868
  3. Runas Credentials Injection Stopped Working

    in AntiVirus, Firewalls and System Security
    Runas Credentials Injection Stopped Working: There's a method of using 'Runas' command with '/netonly' so you could save fake credentials in memory. I check the result with mimikatz. For some reason it worked for me once, but never again since, and I tried several time on different computer with different users. It...
  4. Web browser does not work

    in Windows 10 Network and Sharing
    Web browser does not work: I have problems with my web browser. Mozilla Firefox freezes very frequently and sometimes closes unexpectedly. Help me please solve this https://answers.microsoft.com/en-us/windows/forum/all/web-browser-does-not-work/c0190ceb-1503-4991-a830-77038815a80e
  5. Cant inject DLLs

    in Windows 10 Network and Sharing
    Cant inject DLLs: so im trying to inject a DLL with a DLL Injector but it doesn't work, I tried using other injector, its the same (I just reinstalled windows) https://answers.microsoft.com/en-us/windows/forum/all/cant-inject-dlls/978bc54b-6b5b-4f6c-9d24-6fa8d58ac761
  6. How to Inject Drivers to Windows 10 Image

    in Windows 10 Installation and Upgrade
    How to Inject Drivers to Windows 10 Image: Hi All, I need help to inject multiple drivers model to single windows 10 image i just created an answer file to automate windows 10 without any user interaction and it works like a champ, but now i intend to install this image to multiple workstations and laptops is there a...
  7. Kaspersky Script Injection

    in AntiVirus, Firewalls and System Security
    Kaspersky Script Injection: Warning received after turning off Kaspersky JavaScript Injection. I want my system to be secure, but the slowdown is unacceptable. Any thoughts from those who use Kaspersky? 109930
  8. Protecting yourself from In-Browser Miners

    in AntiVirus, Firewalls and System Security
    Protecting yourself from In-Browser Miners: Miners are becoming an epidemic and in-browsing mining is only going to get worse. Therefore, it is important that all users protect themselves by installing antivirus software that detects when a browser connects to known mining services such as CoinHive. Unfortunately,...
  9. cpu miner what is the use for it and how to get rid of it

    in Windows 10 Software and Apps
    cpu miner what is the use for it and how to get rid of it: hey guys, CPU MINER comes up in the task manager (something to do with Bitcoins) and i want to get rid of it. Do not find anything in the registry, in fact do not find it anywhere. But i do not want it. Is there a program or something that i can do to solve this...
  10. [DLL] Injection Method used returned NULL (Injection failed).

    in Windows 10 Support
    [DLL] Injection Method used returned NULL (Injection failed).: Hi guys, I'm new to this forum; But I recently encountered a problem while injecting a .dll into a program. The error message is what the title says and I tried a lot of injectors and it returned the same error. Here's what I tried: Upgraded windows 8.1 to 10 Unblocked...