End-to-End Analysis of In-Browser Cryptojacking.

In-browser cryptojacking involves hijacking the CPU power of a website's visitor to perform CPU-intensive cryptocurrency mining, and has been on the rise, with 8500% growth during 2017. ... Through dynamic analysis, we highlight the impact of cryptojacking on system resources, such as CPU and battery consumption (in battery-powered devices); we use the latter to build an analytical model ... Finally, in examining the feasibility of cryptojacking as an alternative to online advertisement, we conduct an in-depth end-to-end analysis that considers the implications of such an alternative on both ...

arXiv:1809.02152v1 fatcat:2wfa7pxy4nat5hih6g5ngr67uy

Today, a myriad of blockchain and cryptocurrency systems, applications, and technologies are widely available to companies, end-users, and even malicious actors who want to exploit the computational resources ... Nonetheless, existing detection methods such as browser extensions that protect users with blacklist methods or antivirus programs with different analysis methods can only provide a partial panacea to ... The views expressed are those of the authors only. ...

arXiv:2103.03851v2 fatcat:nz5wblhw5jd7nju64hewsik3sy

Multiple Versions

Evasion and Anti-Analysis Techniques The evasion and anti-analysis techniques employed during cryptojacking are similar to those used by exploit kits (EK), the automated vulnerability scanners found on ... Browser-based cryptomining was first introduced in 2013 with Tidbit. This proof-of-concept was developed by students at MIT as a potential alternative to in-browser advertising during a hackathon. ...

doi:10.1109/msec.2019.2920585 fatcat:xhrxef6o6nb3hl6hvzfuuidxwa

to be involved in the in-browser cryptojacking. ... The metadata aspect of Domain Names (DNs) enables us to perform a behavioral study of DNs and detect if a DN is involved in in-browser cryptojacking. ... Bijmans, for making the cryptojacking dataset available to us. ...

arXiv:2205.04685v1 fatcat:4jcxdtanvngifnmbrriacqea4a

Open Access

This paper discusses about a live network filtering tool which detects the illicit In-browser miningwithin the range of a network of devices. ... The disabling Java Script leads to poor user experience of the websites as the websites in recent times are powered with Java Script frameworks. ... In order to stop cryptojacking in the user's computer with in browser cryptojacking, we have to disable the JavaScript in the browser settings. ...

doi:10.35940/ijrte.b1103.0782s319 fatcat:lkbsqa6ewvbf7ejneoeiiwostq

Open Access

For this, we propose a 3-phase analysis approach, which enables us to identify mining scripts and conduct a large-scale study on the prevalence of cryptojacking in the Alexa 1 million websites. ... With the introduction of memory-bound cryptocurrencies, such as Monero, the implementation of mining code in browser-based JavaScript has become a worthwhile alternative to dedicated mining rigs. ... Acknowledgments The authors would like to thank Martina Lindorfer and Herbert Bos for providing a draft of their related paper. ...

arXiv:1808.09474v1 fatcat:vsksdijc5bcljbed2tdamfpive

This paper presents a systematic review of these analysis techniques, focusing on vulnerability analysis, cryptojacking detection, and smart contract security. ... WebAssembly is a low-level bytecode language that enables high-level languages like C, C++, and Rust to be executed in the browser at near-native performance. ... To this end, we constructed a taxonomical classification and applied it to analysis techniques proposed in the literature. ...

doi:10.3390/fi16030084 fatcat:wmt4aqk2xjfxvifzsofa777irm

DOAJ Szczepanski

An implementation based on in-lined reference monitoring offers a browser-agnostic deployment strategy that is applicable to average end-user systems without specialized hardware or operating systems. ... The approach addresses a new wave of cryptojacking attacks, including XSS-assisted, web gadget-exploiting counterfeit mining. ... Acknowledgments This research was supported in part by NSF award #1513704, ONR award N00014-17-1-2995, AFOSR award FA9550-14-1-0173, and an NSF I/UCRC award from Lockheed-Martin. ...

doi:10.1007/978-3-319-98989-1_7 fatcat:ubgcajsf4zfwpbcr762fclrlni

Since the release of a browser-based cryptominer by Coinhive in 2017, the easy use of these miners has skyrocketed illicit cryptomining in 2017 and continued in 2018. ... In this paper, we perform two large studies into the world of cryptojacking, focused on organized cryptomining and the spread of cryptojacking on the Internet. ... The term originates from analysis of large volumes of SPAM or phishing emails, but can also be used in other areas, such as browser-based cryptomining. ...

dblp:conf/uss/BijmansBD19 fatcat:mdvhz5tzxzakpiqggjdlqcmvg4

The goal of this research is to explore the extent to which cryptojacking impacts EVs in terms of recharging and cost. ... Overall, our results demonstrate that cryptojackers injected into EVs indirectly provide a financial advantage to the charging stations at the cost of an increased energy strain on society. ... All authors have read and agreed to the published version of the manuscript. ...

doi:10.3390/en15165773 fatcat:mnz3dhc3azhyjfimtakywnroiq

DOAJ

Cryptojacking or illegal mining is a form of malware that hides in the victim's computer and takes the computational resources to extract cryptocurrencies in favor of the attacker. ... To this end, we make use of a dataset, composed of network and host features' samples, to which we apply various feature selection methods such as those based on statistical methods, e.g., Test Anova, ... All it takes is for the user to load the infected website in their browser for the illegal mining code to execute in the browser of the victim's computer [11] . ...

doi:10.3390/s22239219 pmid:36501921 pmcid:PMC9740044 fatcat:bbj4smyinjhwloiw7553boprnq

DOAJ

Developers of large cryptocurrency houses have made available executable binaries and mainly browser-side scripts in order to authoritatively tap into users' collective resources and effectively complete ... With the growing popularity of cryptocurrencies, which are an important part of day-to-day transactions over the Internet, the interest in being part of the so-called cryptomining service has attracted ... Acknowledgments: The authors thank the National Science and Technology Council of Mexico (CONACyT) and the Instituto Politécnico Nacional for the financial support for this research. ...

doi:10.3390/app12073234 fatcat:u65ziddminc2lf6ohgmzetnvne

DOAJ

We are currently in the process of developing a web app with MANiC running on the back-end, compiling a daily list of CryptoJacking websites. ... CryptoJacking scripts typically use WebAssembly (Wasm), a binary format that allows C, C++ and Rust code to execute in the browser with a similar performance to native code. ...

doi:10.1109/cybersecpods.2019.8885003 dblp:conf/cybersecpods/BurgessCOS19 fatcat:3d2s3cbmzfftbktkvubdxvmngm

Regrettably, this practice also easily lends itself to abuse: in this form, called cryptojacking, attacks surreptitiously mine in the users browser, and profits are collected either by website owners or ... One of its latest incarnations is cryptocurrency mining, where a website instructs the visitor's browser to participate in building a cryptocurrency ledger (e.g., Bitcoin, Monero) in exchange for a small ... We will leverage Coinpolice to expand this analysis to other mining libraries in section 6. ...

arXiv:2006.10861v2 fatcat:lpd6uyzx7jektkcaqhsoqkhdxu

Open Access Multiple Versions

The results from static and dynamic analysis uncover the techniques employed by the malware to exploit potential victims.The study concludes that enterprises face the greatest risk of cryptojacking due ... Blockchain made its first debit as a proof of concept on money exchange platforms back in 2008, where the born of the first cryptocurrency. ... This enables a more insightful analysis of Bitcoin's properties and future stability.Moreover,this research reviewed the relevant literature related to cryptocurrency and cryptojacking to identify technical ...

doi:10.6007/ijarbss/v9-i3/5791 fatcat:hkuo2w52ezekrcd26nz5zoisge

Open Access

End-to-End Analysis of In-Browser Cryptojacking [article]

Preserved Fulltext

SoK: Cryptojacking Malware [article]

Preserved Fulltext

Other Versions

You Could Be Mine(d): The Rise of Cryptojacking

Preserved Fulltext

DNS based In-Browser Cryptojacking Detection [article]

Preserved Fulltext

An Intuitive Way to Unmask In-Browser Cryptojacking in Network Level using Support Vector Machine (SVM) in Machine Learning

Preserved Fulltext

Web-based Cryptojacking in the Wild [article]

Preserved Fulltext

SoK: Analysis Techniques for WebAssembly

Preserved Fulltext

SEISMIC: SEcure In-lined Script Monitors for Interrupting Cryptojacks [chapter]

Preserved Fulltext

Inadvertently Making Cyber Criminals Rich: A Comprehensive Study of Cryptojacking Campaigns at Internet Scale

Preserved Fulltext

Do Charging Stations Benefit from Cryptojacking? A Novel Framework for Its Financial Impact Analysis on Electric Vehicles

Preserved Fulltext

On Detecting Cryptojacking on Websites: Revisiting the Use of Classifiers

Preserved Fulltext

Detecting Cryptojacking Web Threats: An Approach with Autoencoders and Deep Dense Neural Networks

Preserved Fulltext

MANiC: Multi-step Assessment for Crypto-miners

Preserved Fulltext

CoinPolice:Detecting Hidden Cryptojacking Attacks with Neural Networks [article]

Preserved Fulltext

Other Versions

Crypto Jacking a Technique to Leverage Technology to Mine Crypto Currency

Preserved Fulltext