Report Finds That URL Shorteners May Be Enabling Crypto Jacking

Published 5 years ago on July 04, 2018

Report Finds That URL Shorteners May Be Enabling Crypto Jacking

A new report has found that URL shorteners could be being used to enable malicious cryptocurrency mining. If you don’t know what a URL shortener is, then you’re probably not at risk of this, however just for clarity; a URL shortener is a website that allows you to shorten a URL, this is useful for social media and emails for example.You can do this via websites such as tinyurl.com, in fact, here’s an example from their website: Turn this URL:https://www.amazon.com/Kindle-Wireless-Reading-Display-Globally/dp/B003FSUDM4/ref=amb_link_353259562_2?pf_rd_m=ATVPDKIK X0DER&pf_rd_s=center-10&pf_rd_r=11EYKTN682A79T370AM3&pf_rd_t=201&pf_rd_p=1270985982&pf_rd_i=B002Y27P3M into this TinyURL:https://tinyurl.com/KindleWirelessCoinhive, the website that allows users to embed JavaScript crypto-miners onto their own web browser also provides a URL shortener system which allows for the mining of cryptocurrency via the new short link. New research has found that hackers have been using this system from Coinhive, to change the URL’s of a number of legitimate websites and links on those websites. As a result of this, a large number of innocent users are having their browsers utilised for malicious cryptocurrency mining. Here’s an example of how this works - Imagine the BBC website has a link to an external source. The hackers will take this link, change it slightly via Coinhive, then hack into the BBC website to add the new link. From a visual inspection very little has changed and thus nobody notices a difference. Moreover, when you click the link you are indeed taken to a legitimate website, however, the link also embeds a JavaScript miner onto your browser. It’s a very clever tactic indeed on the surface. According to Thehackernews.com:

“Hackers add an obfuscated javascript code into hacked websites, which dynamically injects an invisible iframe (1×1 pixel) into the webpage as soon as it is loaded on the visitor's web browser. Since the URL shortener loads using the hidden iFrame is invisible, noticing it on a web page will be quite difficult. The infected webpage then automatically starts mining until the Coinhive short-link service redirects the user to the original URL.”

Moreover:“Once the required number of hashes have been achieved, the link behind the short-URLs further redirects the user back to the same page in an attempt to start the mining process once again, where the site visitor would trick into thinking that the web page has only been refreshed.”See more from The Hacker News here- https://thehackernews.com/2018/07/coinhive-shortlink-crypto-mining.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29 Or, via this short link- https://tinyurl.com/thisisnotacryptojackinglink(we promise that the short link is not going to enable a malicious miner!) It is of course very important that we are aware of this sort of activity. Unfortunately, these sorts of links are very hard to detect, so, as ever, if you notice your browser running slowly, or things on your machine don’t seem to be up to scratch, please bear in mind malicious mining. It is a real threat, one which we need to protect yourselves from. Keep your Antivirus software up to date and be vigilant online, that’s our best advice at least. Investment Disclaimer

Nathan Bentley

As a key writer for Crypto Daily, Nathan’s role entails the creation of cutting edge news articles, reviews, press releases and general content creation. Nathan’s stories strive to include the most up-to-date cryptocurrency news and affairs, contributing to Crypto Daily’s growing network. Nathans previous experience as a researcher ...