After Malicious Malware, Now URL Shorteners Might Enable Illicit Crypto Mining

by Pratik Makadiya 

It is hardly a secret that cryptojacking, or illicit cryptocurrency mining, is a part of our lives. Cybersecurity companies have time and again submitted reports, tweeted, and warned people of the dangers associated with installing unfamiliar programs on their computers.

URL shortener – the new malicious trick on the block

Recently, Japanese police arrested almost 16 people for using Coinhive scripts in a malicious program that allegedly mined the cryptocurrency Monero on unsuspecting users’ computers. It was the first case in which the police in Japan contemplated booking the accused and slapping criminal charges on them.

Recently, a report from Malwarebytes, an anti-malware software developer, suggested that URL shorteners are also capable of mining cryptocurrencies. A URL shortener is a website that allows people to shorten their default URLs. For instance, Google has its own shortener called goo.gl. One can enter a default URL and the shortener makes it more concise.

The report stated that Coinhive has a similar facility. It allows potential miners to embed JavaScript-run crypto miners on their own web browsers, and it also comes with a built-in URL shortener. The shortener then allows the miner to mine cryptocurrency through the shortened link.

Malwarebytes Labs said that it kept a close watch on known redirects to websites of interest and found that most of them were closely related to Coinhive domains.

Jérôme Segura, a security researcher at Malwarebytes, stated:

“Indeed, while Coinhive’s default setting is set to 1024 hashes, this one requires 3,712,000 before loading the destination URL.”

Illicit crypto mining – cybercriminals’ new love

Not just that: once the required number of hashes to mine cryptocurrency has been achieved, the mischievous link behind the shortened link redirects the unsuspecting user to the same page, to start mining again. However, the user remains oblivious to what has happened, passing it off as a regular refresh of the web page.
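The two warning signs described above, an inflated hash requirement and a shortened link that leads back to itself, can be checked from the defender's side. The following is an added example, not code from the article or from Malwarebytes; the record fields, the `.example` URLs, the 40 hashes-per-second browser rate and the 10x threshold are assumptions, and only the figures 1024 and 3,712,000 come from the article.

```python
from dataclasses import dataclass

DEFAULT_HASH_GOAL = 1024   # shortener default quoted in the article
ASSUMED_HASH_RATE = 40.0   # hashes per second in a browser (assumption)

@dataclass
class ShortLink:           # hypothetical record built from crawl or proxy data
    url: str               # the shortened link
    hash_goal: int         # hashes required before the redirect fires
    destination: str       # where the visitor is sent afterwards

def follow(start, links, max_hops=10):
    """Walk the redirect chain; return (links visited, loops_back)."""
    chain, url = [], start
    while url in links and len(chain) < max_hops:
        link = links[url]
        if link in chain:          # returned to a link already visited
            return chain, True
        chain.append(link)
        url = link.destination
    return chain, url in links     # still on short links after max_hops

def assess(start, links, factor=10):
    chain, loops = follow(start, links)
    hashes = sum(link.hash_goal for link in chain)
    inflated = any(l.hash_goal > factor * DEFAULT_HASH_GOAL for l in chain)
    return {
        "hashes_per_pass": hashes,
        "minutes_per_pass": round(hashes / ASSUMED_HASH_RATE / 60, 1),
        "inflated_goal": inflated,
        "loops_back": loops,
        "suspicious": inflated or loops,
    }

# Constructed sample data: one ordinary short link, one matching the article.
LINKS = {l.url: l for l in [
    ShortLink("https://short.example/a", 1024, "https://news.example/story"),
    ShortLink("https://short.example/b", 3_712_000, "https://short.example/b"),
]}

if __name__ == "__main__":
    for url in LINKS:
        print(url, assess(url, LINKS))
```

At the assumed rate, the 3,712,000-hash requirement costs the visitor roughly a day of CPU time per pass, so the redirect is unlikely ever to complete during a normal visit.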

The Malwarebytes blog stated:

“The interest surrounding cryptocurrencies has drastically changed the malware landscape with criminals hoping to get a piece of the action. As such, a growing number of websites are being compromised both client- and server-side to distribute and run coin miners”

Hackers have not stopped at that. They have taken to tricking innocent users into downloading harmful malware to mine cryptocurrencies. Recently, there was a news report that cautioned Apple’s Mac users against downloading files from unknown people. Apparently, a dedicated group of hackers targets cryptocurrency-related chatrooms.