Posted on

Firefox Browser To Address Crypto Malware Concerns In Upcoming Update

Mozilla Firefox To Combat CryptoMining

The Mozilla Foundation, the California-based firm behind the ever so popular Firefox browser, has finally made its first formal mention of the nascent cryptocurrency industry, but sadly not in an optimal context.

On August 30th, Mozilla issued a blog post highlighting a series of upgrades it intends to make for its flagship product, the Mozilla Firefox browser.

The technology firm outlined a series of improvements that were meant to increase the performance and security of the browser, which included improving page load speeds, “removing cross-site tracking,” and most importantly, mitigating harmful practices enacted by malicious users.

Although this may be dull to some, what caught the eye of many cryptocurrency enthusiasts was the

Image Courtesy of Mozilla

mention of “cryptomining scripts” in the aforementioned post. The firm noted that it intends to crack down on sites that introduce cryptomining scripts onto consumer computers, adding that future versions of Firefox will “block these practices by default.”

Mozilla Product VP Nick Nuygen, who authored the post, elaborated on the plan, writing:

Other sites have deployed cryptomining scripts that silently mine cryptocurrencies on the user’s device. Practices like these make the web a more hostile place to be. Future versions of Firefox will block these practices by default.

Nuygen went on to explain that this move will give consumers “a voice” and will help to “empower Firefox users” to be more in control of their experience on the web. This feature will first be beta tested on Firefox Nightly, which will ensure that malicious scripts are blocked effectively.

Mozilla isn’t the only firm to take a harsh stance against cryptomining, as many prominent companies consider it a threat to the security and safety of millions of consumers around the globe, especially in a word that is becoming increasingly digital.

As reported by Ethereum World News previously, Google has taken a harsh stance against cryptomining, recently establishing a rule that banned all cryptocurrency mining applications from its mobile play store and web store. Although the technology giant has shown the slightest hints of interest in blockchain technologies, it seems that the firm intends to remain heavy-handed when it comes to products relating to the potentially malicious action of cryptomining, cryptojacking and the like.

Opera, which sits behind Google Chrome, Firefox, Microsoft’s Edge and Apple’s Safari as the most popular internet browser, has also taken a stance against in-browser “bitcoin mining,” but was ahead of the curb as it introduced anti-bitcoin mining measures in January 2018.

Although cryptocurrencies are undoubtedly seeing adoption, acceptance, and growth in every nook and cranny, it goes without saying that there are still issues with this newfangled technology. Whether it be the aforementioned cryptomining epidemic or the widespread hacking of wallets, it is clear that security remains a legitimate concern for many.

Title Image Courtesy of J. Albert Bowden ll @ Flickr
Girl in a jacket


Posted on

Crypto Mining Attacks Soar in First Half of 2018

Malicious cryptomining attacks jumped 956 percent from the first half of 2017 to the first half of 2018, IT security firm Trend Micro reported Wednesday.

In its latest Midyear Security Roundup, Trend Micro researchers noted that there were more than 787,000 detections of malicious cryptocurrency mining software in the first six months of 2018, up from 74,500 detections across a similar period in 2017. The cryptojacking programs detected include both legitimate mining tools being misused and dedicated malware.

The report said that researchers also discovered “47 new cryptocurrency mining malware families,” meaning new groups began developing these programs this year, rather than just a few bad actors reusing the same malware.

Attackers have been increasingly looking into cryptojacking, or using businesses and other victims’ computers to mine cryptocurrencies, the report said. This is a problem for businesses which now need to be aware of these potential threats.

The report explained:

“From an enterprise point of view, the presence of unauthorized cryptocurrency miners in the network is a red flag not only for the affected individual user device but also for overall network security … The new challenge for enterprises lies in the fact that cryptocurrency miners are less visible, more silent threats, the non-detection of which is likely to induce a false sense of security.”

Cryptojacking can damage hardware, resulting in shortened lifespans for businesses’ computers and hurt network performance, the report added. Users’ computers can also slow down, impacting their ability to use their machines as needed.

Some attackers are bypassing cryptomining to instead hack exchanges directly, stealing large amounts of cryptocurrencies, the report said, citing this year’s Coincheck and Coinsecure hacks as two examples.

“Interestingly, these trends persisted even as the value of cryptocurrency itself declined throughout the first half of the year,” the report noted.

Trend Micro’s report follows specific instances of cryptojacking reported by various security researchers over the year. Last month, Kaspersky announced it had discovered a new form of cryptomining malware which targeted corporate networks specifically. Another researcher found a cryptojacker which used an exploit in the Drupal content management system.

Red flag image via Shutterstock

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.