
deepMiner Cryptojacking

Posted: May 2, 2018

The deepMiner Cryptojacking is a threat that runs through your Web browser for generating cryptocurrency. Most deepMiner Cryptojacking infections occur after visiting an unsafe or compromised website, which loads the related scripts automatically. Since this threat runs automatically and without giving many symptoms to the user, malware experts recommend having a dedicated anti-malware tool for blocking the deepMiner Cryptojacking or removing related traces of its presence from your computer.

Cryptocurrency Miners Going Deeper, Easier than Ever

Four out of five websites running cryptocurrency-mining scripts are using Coinhive, but the industry also has numerous minor competitors. Out of these, one of the smallest, but also most readily accessible (thanks to its availability on the hosting service GitHub), is deepMiner. The recent abuses of the deepMiner Cryptojacking campaign by some threat actors also demonstrate the willingness of con artists to use any tools at hand for their misdeeds, often to the direct detriment of any victims.

Similarly to the Minr Cryptojacking or the Coinhive Cryptojacking, the deepMiner Cryptojacking uses JavaScript-based exploits, run from the victim's browser, for generating cryptocurrency for a third party's wallet. Visiting any 'host' website without disabling JavaScript first is all that's necessary for launching deepMiner automatically, which uses the computer's CPU cycles for currency generation. Threat actors frequently compromise websites not under their ownership to insert scripts for Web-based applications like the deepMiner Cryptojacking or exploit kits, and the website's administrators may not know of the security breach.

WordPress blogs are one of the many sub-types of sites at risk from these attacks. In a recent incident, the deepMiner Cryptojacking was exploited on an anonymous WordPress domain that runs the threat alongside multiple, 'competing' ones. The injection script is intended to run one of several mining applications, such as deepMiner or Coinhive. However, a glitch lets more than one mining process run simultaneously, which uses virtually all of the vulnerable PC's CPU resources.

Getting Your Browser Back out after It's in Deep

Without running demanding applications, such as high-end video games, most PCs should have modest CPU usage, as opposed to the seventy or more percent that deepMiner may take by itself. When it's running alongside a similar threat, such as the Coinhive Cryptojacking, the CPU expenditure may run up to one hundred percent. However, since deepMiner is a website script-based miner, closing your Web browser should temporarily halt the mining routine. Limited CPU availability also can cause other issues associated with poor stability and performance.

Because it is an open-source project, deepMiner can be run and modified at will by any threat actors with interests in doing so. The websites that run this threat may not necessarily be unsafe; the con artists frequently hack into websites not under their ownership to insert malicious scripts, including browser-redirecting threats, exploit kits, and cryptocurrency miners. However, the default settings of most anti-malware programs should identify and stop the deepMiner Cryptojacking while the site loads.

Victims can inform website admins of security breaches resulting in the running of the deepMiner Cryptojacking, or similar threats. However, anyone surfing the Web without any extra protection from damaged scripts may want to reconsider after taking into account the deepMiner Cryptojacking's history of abuse on seemingly 'safe' sites.
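For site administrators checking their own pages for the kind of script injection described above, the following scanner is an added example, not code from this page or from the deepMiner project. The indicator patterns (script file names and constructor names) and the sample HTML are assumptions constructed for illustration; the scanner also flags the case where more than one miner family is present on the same page.

```javascript
// Indicators are assumptions for this example; extend them from your own
// threat-intel feed. Each regex has no 'g' flag, so .test() is stateless.
const MINER_INDICATORS = [
  { family: 'Coinhive',
    pattern: /coinhive(\.min)?\.js|CoinHive\.(Anonymous|User)\s*\(/i },
  { family: 'deepMiner',
    pattern: /deepminer(\.min)?\.js|deepMiner\.(Anonymous|Init)\s*\(/i },
];

// Return one finding per <script> element (external or inline) and indicator hit.
function findMinerScripts(html) {
  const findings = [];
  const scriptTag = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = scriptTag.exec(html)) !== null) {
    const [, attrs, body] = m;
    // Pull the src attribute if present (quoted or unquoted value).
    const src = (/\bsrc\s*=\s*["']?([^"'\s>]+)/i.exec(attrs) || [])[1] || null;
    for (const { family, pattern } of MINER_INDICATORS) {
      if (pattern.test(src || '') || pattern.test(body)) {
        findings.push({ family, src, inline: src === null, offset: m.index });
      }
    }
  }
  return findings;
}

// Summarize a page: which families were seen, and whether several coexist
// (the situation that drives CPU usage toward one hundred percent).
function summarize(html) {
  const findings = findMinerScripts(html);
  const families = [...new Set(findings.map(f => f.family))].sort();
  return { findings, families, concurrentMiners: families.length > 1 };
}

// Constructed sample page: one legitimate script, two injected ones.
const SAMPLE_PAGE = `<html><head>
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script src="https://cdn.example.invalid/lib/coinhive.min.js"></script>
<script>var m = new deepMiner.Anonymous('PLACEHOLDER_KEY');</script>
</head><body><p>Hello</p></body></html>`;

const report = summarize(SAMPLE_PAGE);
console.log(report.families, 'concurrent:', report.concurrentMiners);
for (const f of report.findings) {
  console.log(`${f.family} at offset ${f.offset}:`, f.inline ? '(inline)' : f.src);
}
```

Name-based matching misses renamed or obfuscated copies, so treat a clean result as one signal alongside file-integrity checks on the site's templates.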
