Portland: There’s a chance your computer or phone is quietly producing a cryptocurrency called Monero.
Criminals looking to commandeer massive processing power to unlock new Monero coins have unleashed an epidemic of malicious software that burrows deep into victims’ web browsers to surreptitiously run calculations.
A security researcher discovered the latest attack last weekend, finding the malware on more than 4,000 sites, including those owned by the US court system, the governments of Australia and Britain, and City University of New York, all of which used a text-to-speech accessibility script called Browsealoud.
Browsealoud will be offline until 15 February to beef up security, the firms behind the code, Texthelp Ltd, said on its website. The online hijackings show the lengths to which some people will go to stockpile Monero—a so-called privacy coin that, once obtained, is particularly hard for authorities to trace. After a 20-fold surge in price over the past year to about $275 per coin, Monero now ranks 13th among cryptocurrencies with a market value of $4.3 billion, according to CoinMarketCap.com.
About 630 of the top 300,000 websites tracked by Amazon.com Inc.’s Alexa Internet unit have mining code embedded in them, researcher 360 Netlab estimated on 7 February. This week, Kaspersky Lab warned some users of Telegram messaging app also have been mining coins, while Malwarebytes Labs said millions of Android devices are currently mining Monero. Monero mining is spreading as—unlike most coins—it can be produced with a typical device most people already own. livemint