{"title":"Limitations of Web Cryptojacking Detection: A Practical Evaluation","authors":"Paweł Rajba, W. Mazurczyk","doi":"10.1145/3538969.3544466","DOIUrl":null,"url":null,"abstract":"Cryptojacking is one of the new threats that emerged several years ago with the growing popularity and increasing value of cryptocurrencies. In essence, it is a malicious technique where the attacker parasites on the victim’s resources like CPU time, memory, etc. to mine cryptocurrencies for his own benefit. Cryptojacking comes in two main flavors, i.e., as a malicious script embedded into the website or as a standalone malware residing on the compromised machine. As such threats are still widespread, in this paper, we perform a practical evaluation of the existing web browser blockers against real-world web-based cryptojacking solutions. The obtained experimental results reveal that in more than 60% of cases the tested defensive solutions fail in fighting this threat or can be easily fooled with a few simple modifications. This underlines the importance of further efforts toward developing effective countermeasures.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 17th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3538969.3544466","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Cryptojacking is one of the new threats that emerged several years ago with the growing popularity and increasing value of cryptocurrencies. In essence, it is a malicious technique where the attacker parasites on the victim’s resources like CPU time, memory, etc. to mine cryptocurrencies for his own benefit. Cryptojacking comes in two main flavors, i.e., as a malicious script embedded into the website or as a standalone malware residing on the compromised machine. As such threats are still widespread, in this paper, we perform a practical evaluation of the existing web browser blockers against real-world web-based cryptojacking solutions. The obtained experimental results reveal that in more than 60% of cases the tested defensive solutions fail in fighting this threat or can be easily fooled with a few simple modifications. This underlines the importance of further efforts toward developing effective countermeasures.