Yandex has added crypto miner protection to its browser

The company "Yandex" in its blog announced the addition of protection against crypto miners in the latest version of its browser. For this, the browser will analyze the load dynamics of the user device processor. If a process significantly increases the load level, the browser can block it. Of course, this will happen only if the process is really responsible for the mining of cryptocurrency and not, for example, watching a video.

In 2017, crypto miners hit more than 2.7 million user devices. In many cases, mining scripts were installed on the pages of their resources either by the site owners who wanted to earn extra money, or by malicious attackers who hacked into the defense and added their own scripts to the code.

Not always mining scripts are installed by hackers. The most striking example of this is ThePirateBay. The administration of the torrent tracker decided to test mining with the help of a special script last year. Moreover, users were not notified about this, and mining was impossible to disable. At the very beginning, the free resources of the user systems were loaded at 100%. Over time, the scripts and those who use them have become smarter, stopping to boot the PC at 100%.

As a result, the activity of a cryptominer often goes unnoticed. And if in the case of ordinary users it is just unpleasant when someone uses your computer for their own personal purposes. So in the case of companies whose fleet includes thousands and tens of thousands of pieces of equipment, the problem lies in the loss. Electricity, slower work of machines, and therefore less efficient work of employees — all this translates into tens and hundreds of thousands of lost profits or direct losses.
')
The Yandex company decided to start a fight against this phenomenon, therefore, it built a cryptocurrency script detector into the browser. Software from Yandex was released in 2012. Now he owns a tenth share of the browser market in the Russian Federation according to Liveinternet. The browser ranks third in popularity in Russia. It is inferior only to Google Chrome (56.1%) and the mobile version of Safari (18.6%).

Actions to prevent the actions of crypto miners, according to specialists from Yandex, are necessary. In just one year, the activity of software that allows cybercriminals to extract cryptocurrency increased by 50%. Usually victims of programs of this kind are users who use adware and pirated software, as well as counterfeit games, in which various additional modules are inserted. As for the profits that crypto miners receive, it is quite large. According to Kaspersky Lab, only in the second half of 2017, criminals received in this way several million US dollars.

As for the browser, the initiative of Yandex is not something new. Protection in browsers began to appear even earlier - somewhere in 2017. Usually in the role of protective tools are additions and extensions. The worst thing when dealing with cryptomines is that the load on the processor cannot be considered a critical indicator for identifying the malware. “Firstly, mining scripts can limit downloads to cause less suspicion. Secondly, false positives are likely on sites that use high load for legal purposes. If the computer is old, then even streaming video playback can give a false signal, ”says antivirus expert at Kaspersky Lab, Alexey Malanov.

Most crypto miners are based on JavaScript, so blocking them is not that difficult. At the moment there are a large number of free tools to protect against mining. Among them are popular ad blockers. The most effective way to neutralize JavaScript software is a comprehensive anti-virus software.

The most popular crypto miner is Coinhive. The information on it was published on Geektimes, and repeatedly. Its creators could not even think that their development would become so popular. And the problems are not with the script itself, but with those who use it. “While working on the project, we were rather naive because we did not believe that the miner would be used by cybercriminals. We wanted our code to be used by site owners, used openly, warning users about mining cryptocurrency. But what happened over the past few weeks with Coinhive is unspeakably strange, ”the developers said.