Windows 10: Protecting yourself from In-Browser Miners

Discus and support Protecting yourself from In-Browser Miners in AntiVirus, Firewalls and System Security to solve the problem; Miners are becoming an epidemic and in-browsing mining is only going to get worse. Therefore, it is important that all users protect themselves by... Discussion in 'AntiVirus, Firewalls and System Security' started by Cliff S, Feb 17, 2018.

  1. Cliff S New Member

    Protecting yourself from In-Browser Miners


    Read the whole article here: Using the Chrome Task Manager to Find In-Browser Miners


    *Name: Edit hosts file.zip Views: 21 Size: 890 BytesEdit hosts file.zip
    Just download, right click, open properties, select unblock, unzip it, place it where you want, and click it.



    :)
     
    Cliff S, Feb 17, 2018
    #1
  2. Jsssssssss, Feb 17, 2018
    #2
  3. Rik92 Win User
    Crypto jacking and data mining

    I recently read an article about data mining. I use Avast internet security s/w so I asked them if their software protects against crypto jacking. They said it does detect and block data miners. But it does not work with IE and Edge because they do not support
    add-ons from Avast or other. How can I protect myself from crypto jacking or data mining when using IE or Edge?

    Moved from: Windows / Apps on Windows 10 / Microsoft Edge
     
    Rik92, Feb 17, 2018
    #3
  4. AndreTen Win User

    Protecting yourself from In-Browser Miners

    Thanks for pointing this out Cliff S. My wife was victim of one coin miner. And it wasn't restricted on the site viewing, but started with browser.


    Special extensions that prevents coin mining are available for almost all of the browsers (Chrome, FF) out there. Also usual blocking extensions can be updated with coin mining lists like you mentioned for hosts file.

    This is part of the list, if you go to FF extensions site and type coin in search:
     
    AndreTen, Feb 17, 2018
    #4
  5. Kari Win User
    Thanks for sharing, Cliff. Important read.
     
  6. Cliff S New Member
    I have always prefered to use the hosts file, as addons also track you(they need to, so they can function properly).

    But I can also surgically select what will be blocked and what not(just malware, Facebook, and now coinhive.
     
    Cliff S, Feb 17, 2018
    #6
  7. Cliff S New Member
    You are both welcome.
     
    Cliff S, Feb 17, 2018
    #7
  8. Cliff S New Member

    Protecting yourself from In-Browser Miners

    I just added a shortcut, to download, in information block above, to quickly open hosts in notepad as admin, to edit the hosts file*Smile
     
    Cliff S, Feb 17, 2018
    #8
  9. Cliff S New Member
    Further information:
    Hosts File in Windows 10/8/7: Location, Edit, Lock, Manage


    Protecting yourself from In-Browser Miners [​IMG]
     
    Cliff S, Feb 17, 2018
    #9
  10. Callender Win User
    Protecting yourself from In-Browser Miners [​IMG]
    Added to HOSTS. However still get the problem in the screenshot. AV blocks the script but additionally if using Firefox Quantum) with NoScript Security Suite the script is also blocked.
     
    Callender, Feb 17, 2018
    #10
  11. Cliff S New Member
    The script is being blocked from the add on, but not from hosts file.

    To understand what the hosts file is/does(very simplified): The Hosts File and what it can do for you
     
    Cliff S, Feb 18, 2018
    #11
  12. Poper Blocker is very effective too, it blocks hidden popups/overlays used by coinminers.
     
    TairikuOkami, Feb 18, 2018
    #12
  13. f14tomcat Win User

    Protecting yourself from In-Browser Miners

    Another good add-on for FF is No-Miners. Open source. https://addons.mozilla.org/en-US/fir...ddon/nominers/

    To augment the Hosts File approach, there is good clean little app that maintains an updated DB of new miners, and is easy to update. GitHub - greatis/Anti-WebMiner: Anti-WebMiner protects your PC against web cryptocurrency miners (JS scripts like Coinhive executed in the browser) by modifying Windows hosts file

    It works with any browser because it modifies the system hosts file. It's open source. And has a built in notepad link to view/edit the Hosts file.

    Example of my Hosts File. I also have entries in it to keep the pesky ads off of Skype. Anti-WebMiner entries are the second section.

    Code: # Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. # 127.0.0.1 localhost # ::1 localhost # Skype Ads Blocker #Skype ads blocker-begin 127.0.0.1 download.skype.com (prevents Skype from updating) 127.0.0.1 *.msads.net 127.0.0.1 *.msecn.net 127.0.0.1 *.rad.msn.com 127.0.0.1 a.ads2.msads.net 127.0.0.1 ac3.msn.com 127.0.0.1 ad.doubleclick.net 127.0.0.1 adnexus.net 127.0.0.1 adnxs.com 127.0.0.1 ads1.msads.net 127.0.0.1 ads1.msn.com 127.0.0.1 ads2.msads.net 127.0.0.1 aka-cdn-ns.adtech.de 127.0.0.1 an.secure.tacoda.net 127.0.0.1 aorta.clickagy.com 127.0.0.1 asvcs.aol.com 127.0.0.1 az512334.vo.msecnd.net 127.0.0.1 b.ads2.msads.net 127.0.0.1 bs.serving-sys.com 127.0.0.1 cdn.at.atwola.com 127.0.0.1 cdn.atdmt.com 127.0.0.1 cds26.ams9.msecn.net 127.0.0.1 db3aqu.atdmt.com 127.0.0.1 devads.skypeassets.net 127.0.0.1 download.skype.com 127.0.0.1 dpm.demdex.net 127.0.0.1 dtm.advertising.com 127.0.0.1 ec.atdmt.com 127.0.0.1 flex.msn.com 127.0.0.1 g.msn.com 127.0.0.1 gum.criteo.com 127.0.0.1 h6.msn.com 127.0.0.1 ib.adnxs.com 127.0.0.1 live.rads.msn.com 127.0.0.1 msntest.serving-sys.com 127.0.0.1 pixel.advertising.com 127.0.0.1 preads.skypeassets.net 127.0.0.1 qaads.skypeassets.net 127.0.0.1 qawww.skypeassets.net 127.0.0.1 rad.msn.com 127.0.0.1 s.aolcdn.com 127.0.0.1 s.blogsmithmedia.com 127.0.0.1 secure-ams.adnxs.com 127.0.0.1 secure-fra.adnxs.com 127.0.0.1 secure.adnxs.com 127.0.0.1 secure.flashtalking.com 127.0.0.1 secure.uac.advertising.com 127.0.0.1 sO.2mdn.net 127.0.0.1 static.2mdn.net 127.0.0.1 static.skypeassets.com 127.0.0.1 static.skypeassets.net 127.0.0.1 su.addthis.com 127.0.0.1 uk.at.atwola.com #Skype ads blocker - end # End Skype Ads Blocker # Anti-WebMiner Start 1.50 43151 0.0.0.0 185.14.28.10 0.0.0.0 1q2w3.fun 0.0.0.0 2giga.link 0.0.0.0 3104709642 0.0.0.0 52.80.10.9 0.0.0.0 8jd2lfsq.me 0.0.0.0 adless.io 0.0.0.0 ad-miner.com 0.0.0.0 afflow.18-plus.net 0.0.0.0 afminer.com 0.0.0.0 ajplugins.com 0.0.0.0 akvideo.stream 0.0.0.0 analytics.blue 0.0.0.0 anime.reactor.cc 0.0.0.0 a-o.ninja 0.0.0.0 api.inwemo.com 0.0.0.0 aservices.party 0.0.0.0 audioknigi.club 0.0.0.0 auroramine.com 0.0.0.0 authedmine.com 0.0.0.0 azvjudwr.info 0.0.0.0 bablace.com 0.0.0.0 baiduccdn1.com 0.0.0.0 becanium.com 0.0.0.0 befirstcdn.com 0.0.0.0 bestmobiworld.com 0.0.0.0 bewhoyouare.gq 0.0.0.0 bmst.pw 0.0.0.0 brominer.com 0.0.0.0 butcalve.com 0.0.0.0 c7e935.netlify.com 0.0.0.0 candid.zone 0.0.0.0 capodannoinversilia.com 0.0.0.0 cdn.jquery-uim.download 0.0.0.0 cdn-analytics.pl 0.0.0.0 cdn-code.host 0.0.0.0 cfcdist.gdn 0.0.0.0 cfceu.duckdns.org 0.0.0.0 cfcnet.gdn 0.0.0.0 cfcs1.duckdns.org 0.0.0.0 chainblock.science 0.0.0.0 chmproxy.bid 0.0.0.0 cieh.mx 0.0.0.0 clod.pw 0.0.0.0 cloudcdn.gdn 0.0.0.0 cloudcoins.co 0.0.0.0 cnhv.co 0.0.0.0 coinblind.com 0.0.0.0 coiner.site 0.0.0.0 coinerra.com 0.0.0.0 coin-have.com 0.0.0.0 coinhive.com 0.0.0.0 coin-hive.com 0.0.0.0 coinhive-manager.com 0.0.0.0 coinimp.com 0.0.0.0 coinlab.biz 0.0.0.0 coinminerz.com 0.0.0.0 coinnebula.com 0.0.0.0 coinpirate.cf 0.0.0.0 coinpot.co 0.0.0.0 coinrail.io 0.0.0.0 coin-service.com 0.0.0.0 cookiescript.info 0.0.0.0 cookiescriptcdn.pro 0.0.0.0 cpu2cash.link 0.0.0.0 cpufan.club 0.0.0.0 cryptobara.com 0.0.0.0 crypto-loot.com 0.0.0.0 cryptoloot.pro 0.0.0.0 cryptonoter.com 0.0.0.0 crypto-webminer.com 0.0.0.0 cryptown.netlify.com 0.0.0.0 cryweb.github.io 0.0.0.0 crywebber.github.io 0.0.0.0 d1e1rbybdt265x.cloudfront.net 0.0.0.0 d3iz6lralvg77g.cloudfront.net 0.0.0.0 devappgrant.space 0.0.0.0 digxmr.com 0.0.0.0 dmdamedia.hu 0.0.0.0 doubleclick1.xyz 0.0.0.0 doubleclick2.xyz 0.0.0.0 doubleclick3.xyz 0.0.0.0 doubleclick4.xyz 0.0.0.0 doubleclick5.xyz 0.0.0.0 doubleclick6.xyz 0.0.0.0 edgeno.de 0.0.0.0 elthamely.com 0.0.0.0 estream.to 0.0.0.0 etacontent.com 0.0.0.0 ewtuyytdf45.com 0.0.0.0 exdynsrv.com 0.0.0.0 fili.tv 0.0.0.0 filmgoo.org 0.0.0.0 formulawire.com 0.0.0.0 freecontent.bid 0.0.0.0 freecontent.loan 0.0.0.0 freecontent.racing 0.0.0.0 freecontent.stream 0.0.0.0 fresh-js.bitbucket.io 0.0.0.0 futeboltv.com 0.0.0.0 gasolina.ml 0.0.0.0 g-content.bid 0.0.0.0 goldoffer.online 0.0.0.0 goodkino.biz 0.0.0.0 goodolddownloads.com 0.0.0.0 googleanalytcs.com 0.0.0.0 goredirect.party 0.0.0.0 graftpool.ovh 0.0.0.0 greenindex.dynamic-dns.net 0.0.0.0 gridcash.net 0.0.0.0 gridiogrid.com 0.0.0.0 gus.host 0.0.0.0 gustaver.ddns.net 0.0.0.0 hallaert.online 0.0.0.0 harvest.surge.sh 0.0.0.0 hashforcash.us 0.0.0.0 hashing.win 0.0.0.0 hatevery.info 0.0.0.0 hemnes.win 0.0.0.0 hit.gemius.pl 0.0.0.0 hodlers.party 0.0.0.0 hodling.faith 0.0.0.0 host.d-ns.ga 0.0.0.0 igrid.org 0.0.0.0 joyreactor.cc 0.0.0.0 jroqvbvw.info 0.0.0.0 jsccnn.com 0.0.0.0 jscdndel.com 0.0.0.0 jsecoin.com 0.0.0.0 jyhfuqoh.info 0.0.0.0 kdowqlpt.info 0.0.0.0 kickass.cd 0.0.0.0 kinohabr.net 0.0.0.0 kinoprofi.org 0.0.0.0 kissdoujin.com 0.0.0.0 kisshentai.net 0.0.0.0 kiwifarms.net 0.0.0.0 kjli.fi 0.0.0.0 l33tsite.info 0.0.0.0 ledhenone.com 0.0.0.0 lewd.ninja 0.0.0.0 listat.biz 0.0.0.0 lmodr.biz 0.0.0.0 machieved.com 0.0.0.0 marcycoin.org 0.0.0.0 mataharirama.xyz 0.0.0.0 mine.nahnoji.cz 0.0.0.0 minecrunch.co 0.0.0.0 minemytraffic.com 0.0.0.0 minero.cc 0.0.0.0 minero.pw 0.0.0.0 minero-proxy-01.now.sh 0.0.0.0 minero-proxy-02.now.sh 0.0.0.0 minero-proxy-03.now.sh 0.0.0.0 minescripts.info 0.0.0.0 minr.pw 0.0.0.0 monerise.com 0.0.0.0 monero-miner.com 0.0.0.0 monerominer.rocks 0.0.0.0 monitoringservice.co 0.0.0.0 monkeyminer.net 0.0.0.0 morningdigit.com 0.0.0.0 msg-2.me 0.0.0.0 mutuza.win 0.0.0.0 nametraff.com 0.0.0.0 noblock.pro 0.0.0.0 nullrefexcep.com 0.0.0.0 oload.info 0.0.0.0 openkatalog.com 0.0.0.0 pan.whathyx.com 0.0.0.0 panelsave.com 0.0.0.0 papoto.com 0.0.0.0 party-nngvitbizn.now.sh 0.0.0.0 party-vqgdyvoycc.now.sh 0.0.0.0 pertholin.com 0.0.0.0 piti.bplaced.net 0.0.0.0 player.h-cdn.com 0.0.0.0 playerassets.info 0.0.0.0 ppoi.org 0.0.0.0 pr0gramm.com 0.0.0.0 premiumstats.xyz 0.0.0.0 projectpoi.com 0.0.0.0 punchsub.net 0.0.0.0 questionfly.com 0.0.0.0 rapidvideo.com 0.0.0.0 reasedoper.pw 0.0.0.0 refresh-js.bitbucket.io 0.0.0.0 rintinwa.com 0.0.0.0 rocks.io 0.0.0.0 ron.si 0.0.0.0 rove.cl 0.0.0.0 safelinkconverter.com 0.0.0.0 salamaleyum.com 0.0.0.0 sen-to-zdrowie.ml 0.0.0.0 serie-vostfr.com 0.0.0.0 shrink-service.it 0.0.0.0 sighash.info 0.0.0.0 sleazyneasy.com 0.0.0.0 smartoffer.site 0.0.0.0 sparechange.io 0.0.0.0 stackpathdns.com 0.0.0.0 static-cnt.bid 0.0.0.0 staticsfs.host 0.0.0.0 statistic.date 0.0.0.0 sunhd.info 0.0.0.0 techhome-js.github.io 0.0.0.0 thevideo.ch 0.0.0.0 thevideo.me 0.0.0.0 thevideo.us 0.0.0.0 tokyodrift.ga 0.0.0.0 torrent.pw 0.0.0.0 traffic.tc-clicks.com 0.0.0.0 tubetitties.com 0.0.0.0 tulip18.com 0.0.0.0 vcfs6ip5h6.bid 0.0.0.0 vidzi.tv 0.0.0.0 vzhjnorkudcxbiy.com 0.0.0.0 web.dle-news.pw 0.0.0.0 webassembly.stream 0.0.0.0 webmine.cz 0.0.0.0 webmine.pro 0.0.0.0 webminepool.com 0.0.0.0 webminepool.tk 0.0.0.0 webminerpool.com 0.0.0.0 webmining.co 0.0.0.0 wp-monero-miner.de 0.0.0.0 xbasfbno.info 0.0.0.0 xmrminingproxy.com 0.0.0.0 yourporn.sexy 0.0.0.0 zlx.com.br 0.0.0.0 zona.video # Anti-WebMiner End[/quote] Just a couple more to help keep the miners away! *Smile
     
    f14tomcat, Feb 19, 2018
    #13
  14. EdTittel Win User
    Thanks for bringing this to the community's attention, Cliff. At Kari's urging I wrote a story about this yesterday and gave this thread significant mention at Win10.guru: Beware of Browser Mining. Hope that's OK with you. Thanks again!
    --Ed--
     
    EdTittel, Feb 19, 2018
    #14
  15. Callender Win User
    Just a couple more to help keep the miners away! *Smile[/quote] Funny thing is that my HOSTS file begins differently:

    Code: 127.0.0.1 localhost 127.0.0.1 localhost.localdomain 127.0.0.1 local 255.255.255.255 broadcasthost ::1 localhost ip6-localhost ip6-loopback fe80::1%lo0 localhost ff02::1 ip6-allnodes ff02::2 ip6-allrouters 0.0.0.0 0.0.0.0 0.0.0.0 fr.a2dfp.net m.fr.a2dfp.net mfr.a2dfp.net asy.a8ww.net static.a-ads.com abcstats.com a.abv.bg adserver.abv.bg adv.abv.bg 0.0.0.0 bimg.abv.bg track.acclaimnetwork.com accuserveadsystem.com www.accuserveadsystem.com achmedia.com csh.actiondesk.com ads.activepower.net ad.activesolutions.cz app.activetrail.com 0.0.0.0 traffic.acwebconnecting.com office.ad1.ru cms.ad2click.nl ad2games.com content.ad20.net core.ad20.net banner.ad.nu adadvisor.net tag1.adaptiveads.com 0.0.0.0 www.adbanner.ro wad.adbasket.net adbox.hu b.adbox.lv james.adbutler.de www.adbutler.de www.adchimp.com static.adclick.lt engine.adclick.lv 0.0.0.0 show.adclick.lv static.adclick.lv www.adclick.lv servedby.adcombination.com adcomplete.com www.adcomplete.com pixel.adcrowd.com ct1.addthis.com static.uk.addynamo.com[/quote]
     
    Callender, Feb 19, 2018
    #15
Thema:

Protecting yourself from In-Browser Miners

Loading...
  1. Protecting yourself from In-Browser Miners - Similar Threads - Protecting yourself Browser

  2. Pinging Yourself When On VPN

    in Windows 10 Ask Insider
    Pinging Yourself When On VPN: If you ping your own machine name when on a VPN would you expect it to return the IP address of your NIC or the IP address from your VPN? I've run into an issue where this behaviour appears to have changed in Windows 10, I've not yet narrowed down which version. This is...
  3. Protect yourself from Ransomware

    in Windows 10 Ask Insider
    Protect yourself from Ransomware: https://www.windowscentral.com/how-enable-controlled-folder-access-windows-10-fall-creators-update submitted by /u/wclinch [link] [comments] https://www.reddit.com/r/Windows10/comments/fc4dp3/protect_yourself_from_ransomware/
  4. Windows Defender Browser Protection - System Protect Error

    in AntiVirus, Firewalls and System Security
    Windows Defender Browser Protection - System Protect Error: I am using Microsoft Edge as my browser and got a "Windows Defender Browser Protection" message/window that popped up with a message "The server lateroabdominal.info is asking for your user name and password. The server reports that it is from"...
  5. MBAM browser protection for Chrome

    in Browsers and Email
    MBAM browser protection for Chrome: I find this extension to cause the pages to load slowly. The pause, while it works, is quite noticeable after using Chrome for so long with out it. It reads as though it is doing quite a job protecting a PC and I wondered if anyone has experienced the same pause I have? 140989
  6. Edge Browser not listed on Exploit Protection

    in AntiVirus, Firewalls and System Security
    Edge Browser not listed on Exploit Protection: When I open the Exploit Protection Program List, how come Edge browser processes are not listed? Or, is there another process name for MS Edge from the Exploit Protection Program List page? However, my guess is that since Edge runs in a Sandboxed protected mode by default,...
  7. Protect yourself online with these useful tips and PureVPN

    in Windows 10 News
    Protect yourself online with these useful tips and PureVPN: With Black Friday on the horizon, it won’t be too long before shoppers and bargain hunters rush to grab the best deals and discounts on their favorite items. However, while it’s a great day to slash out your money on appliances, gadgets, Christmas gifts, etc. there are also...
  8. How to fix Comodo Browser Protection

    in AntiVirus, Firewalls and System Security
    How to fix Comodo Browser Protection: Hey guys, I keep getting this notification from past week and I want to disable it. [img] Regards. 101932
  9. How does a browser injected coin miner work?

    in Browsers and Email
    How does a browser injected coin miner work?: I seem to have fell prey to a website that had either intentionally or unintentionally been injected with a coin miner. I first noticed high CPU temps and thought my CPU cooler had failed. Then I found Chrome's high CPU utilization in Task Manager and then the culprit website...
  10. Create a single file to protect yourself from the latest ransomware

    in Windows 10 News
    Create a single file to protect yourself from the latest ransomware: There's no cure for the latest ransomware attack, but a researcher has discovered a way to prevent infection through the creation of a single Windows file. As reported by Bleeping Computer, there is a way to prevent infection -- not cure, but protect from -- which takes...