Popular Web Browser Firefox to Start Blocking Cryptojacking Malware

  • Firefox is set to start blocking cryptocurrency mining malware
  • The moves comes as the browser attempts to "give users a voice" when browsing the web.

Firefox, one of the world’s most popular web browsers, is set to start blocking cryptojacking malware by default in order to improve user experience and enhance its performance, in an anti-tracking initiative.

Through a blog post, the organization behind the open-source browser revealed it plans on blocking trackers and other harmful practices to “give users a voice.” Some of its new features, per the blog post, are already available in its Firefox Nightly beta version.

The post, written by Mozilla’s vice president of product Nick Nguyen, details Firefox will mitigate deceptive practices that include fingerprinting users – a technique used to “invisibly identify users by their device properties” and cryptojacking. It reads:

Other sites have deployed cryptomining scripts that silently mine cryptocurrencies on the user’s device. Practices like these make the web a more hostile place to be. Future versions of Firefox will block these practices by default.

Cryptojacking essentially consists of websites adding scripts to their code that let them use their visitors’ CPU resources to mine cryptocurrencies. While some websites ask users to use their CPUs instead of showing them ads, most use them without letting users know.

These scripts often ruin browsing experiences and can physically damage devices if they overheat. Over the past few months cryptojacking became a popular trend, as McAfee labs revealed cryptojacking malware cases increased by 629% in the first quarter of this year.

A study commissioned by Citrix and executed by OnePoll earlier this month revealed that 59% of businesses in the UK have, at some point, been hit with cryptojacking attacks. The trend grew so much that the Uk National Cyber Security Center revealed it is seen as a “significant” threat.

Firefox’s features are set to be tested on its Firefox Nightly beta version, and will be rolled out to a stable Firefox release by default if the company’s approach “performs well.” Firefox is notably one of various browser developers blocking cryptojacking malware and addressing the cryptocurrency space.

As CryptoGlobe covered Google has recently removed cryptocurrency mining apps from its Play Store, months after removing extensions from Chrome’s web store. Despite the tech giant’s move, several crypto mining apps were still on its app store after the ban.

Opera, a browser that recently introduced a mobile browser for Android with a built-in crypto wallet, rolled out mining script protection for its mobile users in January of this year. The feature was already featured on its desktop version by default. Notably, Opera is set to add its built-in cryptocurrency wallet to its desktop browser.

The Brave browser, founded by JavaScript creator and Mozilla co-founder Brendan Eich, also blocks trackers and cryptocurrency mining malware by default. Brave, as covered, recently surpassed 10 million downloads on Google’s Play store.

Coinbase Doesn’t Want You to Get Scammed on Telegram

On Friday (April 19), cryptoasset exchange Coinbase's security team explained how various "threat actors" are trying to use Coinbase's brand to commit scams on messaging platform Telegram. 

Telegram is a free cloud-based messaging app with the ability to make voice/video calls. It is available as a web app, a mobile app (OS and Android), and a desktop app (MacOS, Windows, and Linux). In recent years, it has become the messaging platform of choice for cryptocurrency traders/investors, developers, and entrepreneurs for various reasons, such as the ability to create price bots.

In a long, detailed article published on Friday, Matt Muller, Head of Security Operations at Coinbase, started by pointing out that "Coinbase does not provide support through Telegram, nor do we have any authorized groups or channels." (In fact, "Coinbase has no official presence on Telegram," and "any usage of the Coinbase logo or brand on Telegram" should be considered a scam.)

He then went on to say that Coinbase's security team has been following the activities of "several threat actors attempting to leverage the Coinbase brand on Telegram for purposes ranging from crypto scams to account takeovers." 

In order to help users of Coinbase and other exchanges recognize "the signs that they may be talking to a scammer," Muller outlined some of the most common scam techniques on Telegram.

  • Employment Scams"Scammers on Telegram impersonate Coinbase recruiters and executives with fake career opportunities. These scams prey on job seekers, soliciting payment for training materials, mining hardware, or in some cases providing stolen financials for the purposes of money laundering. These job offers will appear very legitimate, with forged offer letters and seemingly astute interview questions. Coinbase recruiters will never contact job seekers via Telegram."
  • Giveaway Scams: "Impersonations of our executives and brand to perpetuate giveaway scams are becoming increasingly common on Telegram. One channel in particular, titled simply Coinbase, advertises a new giveaway scam almost daily."
  • Load-up Scams: "Telegram frequently hosts scammers advertising the buying or 'loading' of accounts with high limits. These scammers ask to access your Coinbase account, so they can use your verified limits to buy digital currency. While they claim to split profits with the account holder, in actuality, they use stolen credit cards and bank accounts, leaving you responsible for facilitating a financial crime. When the legitimate card or account holder reverses payments, you will be responsible for any account delinquencies caused by the fraudulent bank reversals. In many cases, the scammer will lock you out of your account, use your own payment methods without consent and steal any available digital currency."
  • Tech Support Scams: "Scams impersonating customer support take many shapes and sizes... Scammers will impersonate Coinbase or Coinbase employees, asking you to take action that results in theft of digital currency. Some scams involve fake promo offers. Many of these scams ask for remote access to your computer, something Coinbase personnel will never ask for... In other situations, the scammers pressure you into 'upgrading' or securing your Coinbase account by sending digital currency to their external address."
  • Coin Listing and ICO Scams: "Scammers on Telegram often approach project developers soliciting payment for asset listings on Coinbase and other digital asset exchanges. In addition, scams promising investment bonuses on new ICO listings are prolific."

Featured Image Credit: Photo by "geralt" via Pixabay.com