1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Yahoo Ad malware turns computers into Bitcoin mining rigs

Discussion in 'Article Discussion' started by Meanmotion, 9 Jan 2014.

  1. Meanmotion

    Meanmotion bleh Moderator

    Joined:
    16 Nov 2003
    Posts:
    1,650
    Likes Received:
    12
  2. Pete J

    Pete J RIP Teelzebub

    Joined:
    28 Sep 2009
    Posts:
    5,310
    Likes Received:
    315
    Working late eh?

    Does anyone actually click on adverts any more (except by accident)? I assume you had to do this to run it.

    I suppose one way of telling if your PC is running mining without your knowledge is a) reduced performance and b) awful howling from your GPU.
     
  3. mi1ez

    mi1ez Active Member

    Joined:
    11 Jun 2009
    Posts:
    1,436
    Likes Received:
    18
    Many of the people who contract the malware will be gunning iGPU setups and their PCs won't howl. They probably won't even notice the decrease in performance!
     
  4. Alecto

    Alecto Member

    Joined:
    20 Apr 2012
    Posts:
    134
    Likes Received:
    1
    I managed to contract spyware/malware once by visiting a website which was rigged to exploit known holes in most commonly used web browsers. Mine (IE) wasn't patched to take care of the issue at that time ebcause M$ couldn't be bothered to release the update right away and instead waited for next Tuesday or something ...

    Anyway, upon visiting that webpage the whole ordeal was over in less than 2 seconds. End result: a ton of pop-up windows opened so I had to deal with them instead of being able to kill the browser and about 2 days of work to get rid of every single piece of malware that got installed.

    I didn't click on any link (apart from following Google's search result to the web page in question) nor did I click on any ads. I tried closing few pop-ups using X in top right corner of those pop-ups (which were normal windows, none of the weird stuff you sometimes see these days without the usual window border that should adhere to your system's widget look but is instead made to look different), but that was it. In about 5 seconds I killed the entire browser process tree from Task Manager because it was evident that things have gone out of control by then.

    I imagine the victims of this malware were just as unaware of them getting infected as I was back all those years.
     
  5. Pete J

    Pete J RIP Teelzebub

    Joined:
    28 Sep 2009
    Posts:
    5,310
    Likes Received:
    315
    Interesting to know Alecto. I always thought things like that required input from the user to install.
     
  6. K.I.T.T.

    K.I.T.T. Hasselhoff™ Inside

    Joined:
    1 Jan 2005
    Posts:
    624
    Likes Received:
    1
    Maybe since, although it's old hat now, you can GPU accelerate cryptocoin mining and a flash advert is itself accelerated by the gpu these days you could do something with that.
     
  7. nightblade628

    nightblade628 Member

    Joined:
    10 Dec 2009
    Posts:
    263
    Likes Received:
    11
    Long story short, when a webpage and its accompanying Ads load, they store some of themselves on your PC in order to present themselves to you. The parts that get downloaded can then autorun themselves and install whatever nasty malware they want, and MOST Antivirus programs are useless to stop them (Mcafee, Norton, Avast, AVG etc.) although they will block known malicious sites - just not the ads, which are the real problem here.

    Once you have them, all you can really do is use a good Malware remover (Malwarebytes and Ad-aware V10; V11's algorithms are useless) running from Safe Mode to kill them. Then you need the names of the malware and run a search in your registry for any links to them or their affiliates. One we recently had to remove was SuperFun-something or other which came with the Conduit toolbar conveniently attached. They're so damn sneaky.
     
  8. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,251
    Likes Received:
    312
    Or just make sure you keep Java updated, or don't install it in the first place.
     
  9. SinxarKnights

    SinxarKnights Member

    Joined:
    21 Jan 2007
    Posts:
    258
    Likes Received:
    3
    What does java have to do with it?
     
  10. Glix

    Glix Left Thumb Stick in the mud.

    Joined:
    11 May 2010
    Posts:
    318
    Likes Received:
    1
    +1

    These are drive by malware ads.

    You can't avoid them unless they have been detected and protected against.

    Definitely one reason to keep Adblock on at all times.

    I love how it's okay to host (indirectly) malicious adverts and get off scotfree, yet if you're piratebay...
     
  11. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,251
    Likes Received:
    312
    Because i was under the impression that...
    http://www.zdnet.com/yahoo-ad-malware-spawned-european-bitcoin-mining-network-7000024978/
    Or have i made a Bo Bo and mistaken the one reported on by Meanmotion with the one quoted above ?
     
  12. Glix

    Glix Left Thumb Stick in the mud.

    Joined:
    11 May 2010
    Posts:
    318
    Likes Received:
    1
    Could be more that have slipped the net. ZD report:

    Waiting on further updates. :lol:
     
  13. SinxarKnights

    SinxarKnights Member

    Joined:
    21 Jan 2007
    Posts:
    258
    Likes Received:
    3
    Ya I was wondering because it wasn't mentioned in the one linked.
     
Tags: Add Tags

Share This Page