Windows 10: Protecting yourself from In-Browser Miners Solved

Page 3 of 10 FirstFirst 12345 ... LastLast

  1. Posts : 34,529
    Triple boot - Win 10 Pro, Win 10 Pro Insider (2) - (and a sprinkling of VMs)
       20 Feb 2018 #21

    CWGilley said: View Post
    I'd noticed the duplicates but didn't know if they mattered.

    On the GitHub app, is there anything I need to know? Self-installs? Self-maintains? Runs with StartUp?

    Remember, I know just enough to be really dangerous.
    Manual. Just fire it up, and click check for updates.

    Click image for larger version. 

Name:	2018-02-20_14h31_01.png 
Views:	5 
Size:	137.8 KB 
ID:	177882
      My ComputersSystem Spec


  2. Posts : 13,057
    Windows 10 (Pro and Insider Pro)
       20 Feb 2018 #22

    Interesting reading about finding Cryptohijacking sites:

    badpackets.net | how-to-find-cryptojacking-malware

    Posted on February 7, 2018 by Troy
    How to find cryptojacking malware

    Cryptojacking malware continues to spread across the web, largely due to the popularity of Coinhive. Since Coinhive’s launch in September 2017, numerous cryptojacking clones have come about.

    The tool I’ve chosen to locate them with is PublicWWW. This is a search engine that indexes the entire source code of websites. I previously offered a comparison of their dataset versus other providers in my discussion of Coinhive malware specifically.

    In this post, I detail how to find websites containing Coinhive, Crypto-Loot, CoinImp, and deepMiner in PublicWWW.

    Let’s jump in and see how many sites with cryptojacking malware we can find!
      My ComputerSystem Spec


  3. Posts : 699
    Windows 10 Home x64 Version 1803 (OS Build 17134.167)
       20 Feb 2018 #23

    OK, we'll see ...
      My ComputersSystem Spec


  4. Posts : 21,000
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
    Thread Starter
       20 Feb 2018 #24

    EdTittel said: View Post
    Thanks for bringing this to the community's attention, Cliff. At Kari's urging I wrote a story about this yesterday and gave this thread significant mention at Win10.guru: https://win10.guru/beware-of-browser-mining. Hope that's OK with you. Thanks again!
    --Ed--
    No problem Ed

    Word Man said: View Post
    Thanks to both you, Ed, and to Cliff S! Good article, Ed. I got a little tickle of motion sickness there in the second half, however.... Is there a formatting tweak needed?
    You're welcome Kenn:)

    Barman58 said: View Post
    I had a contract a few years ago for access control in an medical establishment, and the owner wished to control staff usage of the internet link in the Night time (and other times, but the night is always the time that things got put off whilst the staff surfed).

    I set up a remote proxy and added all the required URLs and IPs and everything worked - Trying to access a blacklisted site or basic domain was redirected and replaced with an appropriate message screen.

    Facebook would however not be stopped I kept on adding the IPs and URLs that were used to circumvent the block, until I had almost a hundred addresses - At this point I gave up and left it alone, all the redirects, did delay the page access so the users soon gave up. and I grew a healthy disdain for Facebook, although I was impressed by whoever did their setup
    @Barman58, You hate FB too?
    So do I:

    # Facebook
    0.0.0.0 0-act.channel.facebook.com
    0.0.0.0 0-edge-chat.facebook.com
    0.0.0.0 1-act.channel.facebook.com
    0.0.0.0 1-edge-chat.facebook.com
    0.0.0.0 2-act.channel.facebook.com
    0.0.0.0 2-edge-chat.facebook.com
    0.0.0.0 3-act.channel.facebook.com
    0.0.0.0 3-edge-chat.facebook.com
    0.0.0.0 4-act.channel.facebook.com
    0.0.0.0 4-edge-chat.facebook.com
    0.0.0.0 5-act.channel.facebook.com
    0.0.0.0 5-edge-chat.facebook.com
    0.0.0.0 6-act.channel.facebook.com
    0.0.0.0 6-edge-chat.facebook.com
    0.0.0.0 act.channel.facebook.com
    0.0.0.0 api-read.facebook.com
    0.0.0.0 api.ak.facebook.com
    0.0.0.0 api.connect.facebook.com
    0.0.0.0 api.facebook.com
    0.0.0.0 app.facebook.com
    0.0.0.0 apps.facebook.com
    0.0.0.0 ar-ar.facebook.com
    0.0.0.0 attachment.fbsbx.com
    0.0.0.0 attachments.facebook.com
    0.0.0.0 b-api.facebook.com
    0.0.0.0 b-graph.facebook.com
    0.0.0.0 b.static.ak.facebook.com
    0.0.0.0 b.static.ak.fbcdn.net
    0.0.0.0 badge.facebook.com
    0.0.0.0 beta-chat-01-05-ash3.facebook.com
    0.0.0.0 bigzipfiles.facebook.com
    0.0.0.0 blog.facebook.com
    0.0.0.0 channel-ecmp-05-ash3.facebook.com
    0.0.0.0 channel-staging-ecmp-05-ash3.facebook.com
    0.0.0.0 channel-testing-ecmp-05-ash3.facebook.com
    0.0.0.0 check4.facebook.com
    0.0.0.0 check6.facebook.com
    0.0.0.0 code.facebook.com
    0.0.0.0 connect.facebook.com
    0.0.0.0 connect.facebook.net
    0.0.0.0 d.facebook.com
    0.0.0.0 de-de.facebook.com
    0.0.0.0 developers.facebook.com
    0.0.0.0 edge-chat.facebook.com
    0.0.0.0 ent-a.xx.fbcdn.net
    0.0.0.0 ent-b.xx.fbcdn.net
    0.0.0.0 ent-c.xx.fbcdn.net
    0.0.0.0 ent-d.xx.fbcdn.net
    0.0.0.0 ent-e.xx.fbcdn.net
    0.0.0.0 es-la.facebook.com
    0.0.0.0 external.ak.fbcdn.net
    0.0.0.0 facebook.com
    0.0.0.0 facebook.de
    0.0.0.0 facebook.fr
    0.0.0.0 fb.me
    0.0.0.0 fbcdn-photos-a.akamaihd.net
    0.0.0.0 fbcdn-photos-e-a.akamaihd.net
    0.0.0.0 fbcdn-profile-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-a-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-b-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-c-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-d-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-e-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-f-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-g-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-h-a.akamaihd.net
    0.0.0.0 fbcdn-video-a-a.akamaihd.net
    0.0.0.0 fbcdn-video-b-a.akamaihd.net
    0.0.0.0 fbcdn-video-c-a.akamaihd.net
    0.0.0.0 fbcdn-video-d-a.akamaihd.net
    0.0.0.0 fbcdn-video-e-a.akamaihd.net
    0.0.0.0 fbcdn-video-f-a.akamaihd.net
    0.0.0.0 fbcdn-video-g-a.akamaihd.net
    0.0.0.0 fbcdn-video-h-a.akamaihd.net
    0.0.0.0 fbcdn-video-i-a.akamaihd.net
    0.0.0.0 fbcdn-video-j-a.akamaihd.net
    0.0.0.0 fbcdn-video-k-a.akamaihd.net
    0.0.0.0 fbcdn-video-l-a.akamaihd.net
    0.0.0.0 fbcdn-video-m-a.akamaihd.net
    0.0.0.0 fbcdn-video-n-a.akamaihd.net
    0.0.0.0 fbcdn-video-o-a.akamaihd.net
    0.0.0.0 fbcdn-video-p-a.akamaihd.net
    0.0.0.0 fbcdn-vthumb-a.akamaihd.net
    0.0.0.0 fbcdn.com
    0.0.0.0 fbcdn.net
    0.0.0.0 fbexternal-a.akamaihd.net
    0.0.0.0 fbstatic-a.akamaihd.net
    0.0.0.0 fr-fr.facebook.com
    0.0.0.0 graph.facebook.com
    0.0.0.0 hi-in.facebook.com
    0.0.0.0 inyour-slb-01-05-ash3.facebook.com
    0.0.0.0 it-it.facebook.com
    0.0.0.0 ja-jp.facebook.com
    0.0.0.0 login.facebook.com
    0.0.0.0 m.facebook.com
    0.0.0.0 messages-facebook.com
    0.0.0.0 mqtt.facebook.com
    0.0.0.0 newsroom.fb.com
    0.0.0.0 orcart.facebook.com
    0.0.0.0 origincache-ai-01-05-ash3.fbcdn.net
    0.0.0.0 origincache-starfacebook-ai-01-05-ash3.facebook.com
    0.0.0.0 photos-a.ak.fbcdn.net
    0.0.0.0 photos-b.ak.fbcdn.net
    0.0.0.0 photos-c.ak.fbcdn.net
    0.0.0.0 photos-d.ak.fbcdn.net
    0.0.0.0 photos-e.ak.fbcdn.net
    0.0.0.0 photos-f.ak.fbcdn.net
    0.0.0.0 photos-g.ak.fbcdn.net
    0.0.0.0 photos-h.ak.fbcdn.net
    0.0.0.0 profile.ak.facebook.com
    0.0.0.0 profile.ak.fbcdn.net
    0.0.0.0 pt-br.facebook.com
    0.0.0.0 s-external.ak.fbcdn.net
    0.0.0.0 s-static.ak.facebook.com
    0.0.0.0 s-static.ak.fbcdn.net
    0.0.0.0 s-static.facebook.com
    0.0.0.0 scontent-a-lax.xx.fbcdn.net
    0.0.0.0 scontent-a-sin.xx.fbcdn.net
    0.0.0.0 scontent-a.xx.fbcdn.net
    0.0.0.0 scontent-b-lax.xx.fbcdn.net
    0.0.0.0 scontent-b-sin.xx.fbcdn.net
    0.0.0.0 scontent-b.xx.fbcdn.net
    0.0.0.0 scontent-c.xx.fbcdn.net
    0.0.0.0 scontent-d.xx.fbcdn.net
    0.0.0.0 scontent-e.xx.fbcdn.net
    0.0.0.0 scontent-mxp.xx.fbcdn.net
    0.0.0.0 scontent.xx.fbcdn.net
    0.0.0.0 secure-profile.facebook.com
    0.0.0.0 secure.facebook.com
    0.0.0.0 sphotos-a.xx.fbcdn.net
    0.0.0.0 ssl.connect.facebook.com
    0.0.0.0 ssl.facebook.com
    0.0.0.0 star.c10r.facebook.com
    0.0.0.0 star.facebook.com
    0.0.0.0 static.ak.connect.facebook.com
    0.0.0.0 static.ak.facebook.com
    0.0.0.0 static.ak.fbcdn.net
    0.0.0.0 static.thefacebook.com
    0.0.0.0 staticxx.facebook.com
    0.0.0.0 touch.facebook.com
    0.0.0.0 upload.facebook.com
    0.0.0.0 video.xx.fbcdn.net
    0.0.0.0 vpn.tfbnw.net
    0.0.0.0 vthumb.ak.fbcdn.net
    0.0.0.0 vupload.facebook.com
    0.0.0.0 vupload2.vvv.facebook.com
    0.0.0.0 http://www.connect.facebook.net
    0.0.0.0 http://www.facebook.com
    0.0.0.0 http://www.facebook.de
    0.0.0.0 http://www.facebook.fr
    0.0.0.0 http://www.fbcdn.com
    0.0.0.0 http://www.fbcdn.net
    0.0.0.0 http://www.login.facebook.com

    0.0.0.0 zh-cn.facebook.com
    0.0.0.0 zh-tw.facebook.com
    # Facebook end
      My ComputersSystem Spec


  5. Posts : 699
    Windows 10 Home x64 Version 1803 (OS Build 17134.167)
       20 Feb 2018 #25

    Hey @Cliff S, I modified the Properties for your Edit hosts file to use Notepad++ instead. Hope you don't mind. If it's a problem, I'll put it back.
      My ComputersSystem Spec


  6. Posts : 21,000
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
    Thread Starter
       20 Feb 2018 #26

    CWGilley said: View Post
    Hey @Cliff S, I modified the Properties for your Edit hosts file to use Notepad++ instead. Hope you don't mind. If it's a problem, I'll put it back.
    It's just a shortcut I created using New in the right click menu, you can do as you wish, I didn't use any coding magic: C:\Windows\System32\notepad.exe c:\windows\system32\drivers\etc\hosts

    I actually only uploaded the shortcut because, many people over see the step to open Notepad as an admin, and then search for hosts, they almost always go to hosts through File Explorer, and then are doomed to fail.(to save the changes)
      My ComputersSystem Spec


  7. Posts : 699
    Windows 10 Home x64 Version 1803 (OS Build 17134.167)
       20 Feb 2018 #27

    Growing up I heard this more than once from Daddy: "Even a blind hog finds an acorn now and then". Anyway, thanks for the thread and your efforts.
      My ComputersSystem Spec


  8. Posts : 21,000
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
    Thread Starter
       09 Mar 2018 #28

    The list has been update yesterday 08 March 2018: https://raw.githubusercontent.com/Ze.../hosts_browser
      My ComputersSystem Spec


  9. Posts : 699
    Windows 10 Home x64 Version 1803 (OS Build 17134.167)
       09 Mar 2018 #29

    As always, Thanks Cliff. I need all the help I can get, and it's appreciated.
      My ComputersSystem Spec


  10. Posts : 21,000
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
    Thread Starter
       09 Mar 2018 #30

    CWGilley said: View Post
    As always, Thanks Cliff. I need all the help I can get, and it's appreciated.
    You're welcome:)
      My ComputersSystem Spec


 
Page 3 of 10 FirstFirst 12345 ... LastLast

Related Threads
Working as an I.T. Assistant for a public business my boss wants me to start password protecting the internet on all staff computers. Recently, somebody in the public was able to access questionable material on my computer, due to it being located...
Source: Google Online Security Blog: Protecting users from repeatedly dangerous sites
Hi, a quick curious question: I have two partitioned drives in my PC (not my C drive). If I removed these hard drives from my PC and reconnect them to another PC (a rebuild), will my partitions be lost on reconnection of the hard drives or will...
Source: Protecting Microsoft Edge against binary injection | Microsoft Edge Dev Blog
Sr. Citizen On Protecting Against Crypto, etc. On New PC ? in AntiVirus, Firewalls and System Security
Hello, Will be getting new desktop PC with W10 in a few days. Sr. Citizen now, and not ver sharp with PC's anymore, frankly. My old PC with W7 was clobbered by that CryptoLocker and I think it was called CBT Locker or something similar...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 04:01.
Find Us