Please wait while we use your browser to mine bitcoin

SecBI Blog

SecBI's Autonomous Investigation technology recently detected fileless malicious activity affecting one of its customers, in the form of a new cyber-attack that represents the next step in the evolution of ransomware: Bitcoin mining through the web browser.

This attack was draining considerable IT resources from the organization for mining purposes, causing computer slowdowns and multiple IT complaints about unknown behavior. It was not detected by existing solutions because all activity was contained within the browser.

SecBI detected this activity via the abnormal, repetitive (beaconing) behavior of “infected” users, which followed a unique pattern indicative of bitcoin mining, as well as multiple requests to YouTube channels that the company had never observed or interacted with.

All detection was done on top of layer 7 web proxy logs, using SecBI’s unique machine learning algorithms, a new approach for appliance-less network traffic analysis.
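A minimal way to surface the beaconing pattern described above from web proxy logs, as an added example that is not SecBI's algorithm: it flags client/host pairs whose request intervals are nearly constant. The log format, thresholds, IP addresses and host names are constructed assumptions.

```python
import statistics
from collections import defaultdict
from datetime import datetime, timedelta

def parse_line(line):
    """Parse 'ISO-timestamp client host' (assumed, simplified proxy log format)."""
    ts, client, host = line.split()[:3]
    return datetime.fromisoformat(ts), client, host

def find_beacons(lines, min_requests=10, max_cv=0.1):
    """Return {(client, host): (mean_gap_s, cv)} for pairs whose gaps between
    requests are nearly constant (low coefficient of variation)."""
    times = defaultdict(list)
    for line in lines:
        ts, client, host = parse_line(line)
        times[(client, host)].append(ts)
    hits = {}
    for key, stamps in times.items():
        if len(stamps) < min_requests:
            continue  # too few requests to judge periodicity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(gaps)
        if mean <= 0:
            continue
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            hits[key] = (round(mean, 1), round(cv, 3))
    return hits

# Constructed sample data (not from the incident): one client polls a
# placeholder host every ~30 s with +/-1 s jitter; another browses irregularly.
START = datetime(2018, 1, 1, 9, 0, 0)
SAMPLE = []
for i in range(20):
    ts = START + timedelta(seconds=30 * i + (i % 3) - 1)
    SAMPLE.append(f"{ts.isoformat()} 10.0.0.5 miner.example.test")
for off in [0, 4, 9, 75, 80, 210, 215, 216, 600, 640, 900, 1500]:
    ts = START + timedelta(seconds=off)
    SAMPLE.append(f"{ts.isoformat()} 10.0.0.7 news.example.test")

if __name__ == "__main__":
    for (client, host), (mean, cv) in find_beacons(SAMPLE).items():
        print(f"{client} -> {host}: every ~{mean}s (cv={cv})")
```

Interval regularity alone also flags legitimate pollers such as update checkers, so hits are candidates for triage rather than verdicts.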

Campaign in detail

The attacks began with a phishing email that directed recipients to a seemingly innocent website offering a free AWS gift card in exchange for staying on the site until a countdown is over.

Meanwhile, the malware author earns extra money by running sponsored YouTube videos in the background. These videos promote dummy sites that offer users free money for online gaming.

 


Bitcoin mining also happens in the background.

 
