It is reported that cryptocurrency mining malware has been breach from thousands of website to Google play store applications.
Coinhive, a site that offers a friendly programming interface to enable any website turning their visitor’s computer into mining machine for the website owner. A couple of multi-million downloaded applications from Google play store is taking advantage of user phone for illegal mining activities too, but no name of the applications was revealed.
For preventive measures:
- Install this Chrome extension to block all Coinhive malware.
- Apply good internet surfing habit, pay caution visiting potentially malicious websites.
- Don’t simply download untrustable applications even from Google Play store.
- Lastly, monitor the abnormal behavior of your devices like unusual high CPU usage or a drastic drop in the phone’s battery. They might be infected if high computing power was consistently being consumed without reasons.
有报道指出不单是网站有可能让你的电脑为陌生人挖矿,手机也成为了新目标。
Coinhive 提供了友善的编码界面让网站拥有者可以很容易的在自家网站装上,到访者的电脑就会被感染从而为之挖矿而不自知。Google play store 上也有数个拥有百万下载量的 App 会感染手机为远方的黑客挖矿,App 名字则被保密。
自保的方针有:
- 在电脑装上这个 Chrome 插件可以有效抵挡 Coinhive 攻击。
- 养成良好的上网习惯,拒绝访问来历不明的网站。
- 别随意下载应用软件,即使是来自Google Play store 这种官方渠道。
- 最后,密切观察设备的不正常状态。要是电脑的 CPU 使用帧率长时间处于高度使用状态,或是手机电池无故急剧下跌,那你很可能中奖了。
This page is synchronized from the post: ‘Don’’t mine for the hackers’