Protecting yourself from In-Browser Miners

Page 3 of 39 FirstFirst 1234513 ... LastLast

  1. Posts : 56,806
    Multi-boot Windows 10/11 - RTM, RP, Beta, and Insider
       #21

    CWGilley said:
    I'd noticed the duplicates but didn't know if they mattered.

    On the GitHub app, is there anything I need to know? Self-installs? Self-maintains? Runs with StartUp?

    Remember, I know just enough to be really dangerous.
    Manual. Just fire it up, and click check for updates.

    Protecting yourself from In-Browser Miners-2018-02-20_14h31_01.png
      My Computers


  2. Posts : 30,524
    Windows 10 (Pro and Insider Pro)
       #22

    Interesting reading about finding Cryptohijacking sites:

    badpackets.net | how-to-find-cryptojacking-malware

    Posted on February 7, 2018 by Troy
    How to find cryptojacking malware

    Cryptojacking malware continues to spread across the web, largely due to the popularity of Coinhive. Since Coinhive’s launch in September 2017, numerous cryptojacking clones have come about.

    The tool I’ve chosen to locate them with is PublicWWW. This is a search engine that indexes the entire source code of websites. I previously offered a comparison of their dataset versus other providers in my discussion of Coinhive malware specifically.

    In this post, I detail how to find websites containing Coinhive, Crypto-Loot, CoinImp, and deepMiner in PublicWWW.

    Let’s jump in and see how many sites with cryptojacking malware we can find!
      My Computers


  3. Posts : 1,097
    Windows 10 Home x64 Version 1809 (OS Build 17763.437)
       #23

    OK, we'll see ...
      My Computer


  4. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
    Thread Starter
       #24

    EdTittel said:
    Thanks for bringing this to the community's attention, Cliff. At Kari's urging I wrote a story about this yesterday and gave this thread significant mention at Win10.guru: https://win10.guru/beware-of-browser-mining. Hope that's OK with you. Thanks again!
    --Ed--
    No problem Ed

    Word Man said:
    Thanks to both you, Ed, and to Cliff S! Good article, Ed. I got a little tickle of motion sickness there in the second half, however.... Is there a formatting tweak needed?
    You're welcome Kenn:)

    Barman58 said:
    I had a contract a few years ago for access control in an medical establishment, and the owner wished to control staff usage of the internet link in the Night time (and other times, but the night is always the time that things got put off whilst the staff surfed).

    I set up a remote proxy and added all the required URLs and IPs and everything worked - Trying to access a blacklisted site or basic domain was redirected and replaced with an appropriate message screen.

    Facebook would however not be stopped I kept on adding the IPs and URLs that were used to circumvent the block, until I had almost a hundred addresses - At this point I gave up and left it alone, all the redirects, did delay the page access so the users soon gave up. and I grew a healthy disdain for Facebook, although I was impressed by whoever did their setup
    @Barman58, You hate FB too?
    So do I:

    # Facebook
    0.0.0.0 0-act.channel.facebook.com
    0.0.0.0 0-edge-chat.facebook.com
    0.0.0.0 1-act.channel.facebook.com
    0.0.0.0 1-edge-chat.facebook.com
    0.0.0.0 2-act.channel.facebook.com
    0.0.0.0 2-edge-chat.facebook.com
    0.0.0.0 3-act.channel.facebook.com
    0.0.0.0 3-edge-chat.facebook.com
    0.0.0.0 4-act.channel.facebook.com
    0.0.0.0 4-edge-chat.facebook.com
    0.0.0.0 5-act.channel.facebook.com
    0.0.0.0 5-edge-chat.facebook.com
    0.0.0.0 6-act.channel.facebook.com
    0.0.0.0 6-edge-chat.facebook.com
    0.0.0.0 act.channel.facebook.com
    0.0.0.0 api-read.facebook.com
    0.0.0.0 api.ak.facebook.com
    0.0.0.0 api.connect.facebook.com
    0.0.0.0 api.facebook.com
    0.0.0.0 app.facebook.com
    0.0.0.0 apps.facebook.com
    0.0.0.0 ar-ar.facebook.com
    0.0.0.0 attachment.fbsbx.com
    0.0.0.0 attachments.facebook.com
    0.0.0.0 b-api.facebook.com
    0.0.0.0 b-graph.facebook.com
    0.0.0.0 b.static.ak.facebook.com
    0.0.0.0 b.static.ak.fbcdn.net
    0.0.0.0 badge.facebook.com
    0.0.0.0 beta-chat-01-05-ash3.facebook.com
    0.0.0.0 bigzipfiles.facebook.com
    0.0.0.0 blog.facebook.com
    0.0.0.0 channel-ecmp-05-ash3.facebook.com
    0.0.0.0 channel-staging-ecmp-05-ash3.facebook.com
    0.0.0.0 channel-testing-ecmp-05-ash3.facebook.com
    0.0.0.0 check4.facebook.com
    0.0.0.0 check6.facebook.com
    0.0.0.0 code.facebook.com
    0.0.0.0 connect.facebook.com
    0.0.0.0 connect.facebook.net
    0.0.0.0 d.facebook.com
    0.0.0.0 de-de.facebook.com
    0.0.0.0 developers.facebook.com
    0.0.0.0 edge-chat.facebook.com
    0.0.0.0 ent-a.xx.fbcdn.net
    0.0.0.0 ent-b.xx.fbcdn.net
    0.0.0.0 ent-c.xx.fbcdn.net
    0.0.0.0 ent-d.xx.fbcdn.net
    0.0.0.0 ent-e.xx.fbcdn.net
    0.0.0.0 es-la.facebook.com
    0.0.0.0 external.ak.fbcdn.net
    0.0.0.0 facebook.com
    0.0.0.0 facebook.de
    0.0.0.0 facebook.fr
    0.0.0.0 fb.me
    0.0.0.0 fbcdn-photos-a.akamaihd.net
    0.0.0.0 fbcdn-photos-e-a.akamaihd.net
    0.0.0.0 fbcdn-profile-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-a-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-b-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-c-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-d-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-e-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-f-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-g-a.akamaihd.net
    0.0.0.0 fbcdn-sphotos-h-a.akamaihd.net
    0.0.0.0 fbcdn-video-a-a.akamaihd.net
    0.0.0.0 fbcdn-video-b-a.akamaihd.net
    0.0.0.0 fbcdn-video-c-a.akamaihd.net
    0.0.0.0 fbcdn-video-d-a.akamaihd.net
    0.0.0.0 fbcdn-video-e-a.akamaihd.net
    0.0.0.0 fbcdn-video-f-a.akamaihd.net
    0.0.0.0 fbcdn-video-g-a.akamaihd.net
    0.0.0.0 fbcdn-video-h-a.akamaihd.net
    0.0.0.0 fbcdn-video-i-a.akamaihd.net
    0.0.0.0 fbcdn-video-j-a.akamaihd.net
    0.0.0.0 fbcdn-video-k-a.akamaihd.net
    0.0.0.0 fbcdn-video-l-a.akamaihd.net
    0.0.0.0 fbcdn-video-m-a.akamaihd.net
    0.0.0.0 fbcdn-video-n-a.akamaihd.net
    0.0.0.0 fbcdn-video-o-a.akamaihd.net
    0.0.0.0 fbcdn-video-p-a.akamaihd.net
    0.0.0.0 fbcdn-vthumb-a.akamaihd.net
    0.0.0.0 fbcdn.com
    0.0.0.0 fbcdn.net
    0.0.0.0 fbexternal-a.akamaihd.net
    0.0.0.0 fbstatic-a.akamaihd.net
    0.0.0.0 fr-fr.facebook.com
    0.0.0.0 graph.facebook.com
    0.0.0.0 hi-in.facebook.com
    0.0.0.0 inyour-slb-01-05-ash3.facebook.com
    0.0.0.0 it-it.facebook.com
    0.0.0.0 ja-jp.facebook.com
    0.0.0.0 login.facebook.com
    0.0.0.0 m.facebook.com
    0.0.0.0 messages-facebook.com
    0.0.0.0 mqtt.facebook.com
    0.0.0.0 newsroom.fb.com
    0.0.0.0 orcart.facebook.com
    0.0.0.0 origincache-ai-01-05-ash3.fbcdn.net
    0.0.0.0 origincache-starfacebook-ai-01-05-ash3.facebook.com
    0.0.0.0 photos-a.ak.fbcdn.net
    0.0.0.0 photos-b.ak.fbcdn.net
    0.0.0.0 photos-c.ak.fbcdn.net
    0.0.0.0 photos-d.ak.fbcdn.net
    0.0.0.0 photos-e.ak.fbcdn.net
    0.0.0.0 photos-f.ak.fbcdn.net
    0.0.0.0 photos-g.ak.fbcdn.net
    0.0.0.0 photos-h.ak.fbcdn.net
    0.0.0.0 profile.ak.facebook.com
    0.0.0.0 profile.ak.fbcdn.net
    0.0.0.0 pt-br.facebook.com
    0.0.0.0 s-external.ak.fbcdn.net
    0.0.0.0 s-static.ak.facebook.com
    0.0.0.0 s-static.ak.fbcdn.net
    0.0.0.0 s-static.facebook.com
    0.0.0.0 scontent-a-lax.xx.fbcdn.net
    0.0.0.0 scontent-a-sin.xx.fbcdn.net
    0.0.0.0 scontent-a.xx.fbcdn.net
    0.0.0.0 scontent-b-lax.xx.fbcdn.net
    0.0.0.0 scontent-b-sin.xx.fbcdn.net
    0.0.0.0 scontent-b.xx.fbcdn.net
    0.0.0.0 scontent-c.xx.fbcdn.net
    0.0.0.0 scontent-d.xx.fbcdn.net
    0.0.0.0 scontent-e.xx.fbcdn.net
    0.0.0.0 scontent-mxp.xx.fbcdn.net
    0.0.0.0 scontent.xx.fbcdn.net
    0.0.0.0 secure-profile.facebook.com
    0.0.0.0 secure.facebook.com
    0.0.0.0 sphotos-a.xx.fbcdn.net
    0.0.0.0 ssl.connect.facebook.com
    0.0.0.0 ssl.facebook.com
    0.0.0.0 star.c10r.facebook.com
    0.0.0.0 star.facebook.com
    0.0.0.0 static.ak.connect.facebook.com
    0.0.0.0 static.ak.facebook.com
    0.0.0.0 static.ak.fbcdn.net
    0.0.0.0 static.thefacebook.com
    0.0.0.0 staticxx.facebook.com
    0.0.0.0 touch.facebook.com
    0.0.0.0 upload.facebook.com
    0.0.0.0 video.xx.fbcdn.net
    0.0.0.0 vpn.tfbnw.net
    0.0.0.0 vthumb.ak.fbcdn.net
    0.0.0.0 vupload.facebook.com
    0.0.0.0 vupload2.vvv.facebook.com
    0.0.0.0 http://www.connect.facebook.net
    0.0.0.0 http://www.facebook.com
    0.0.0.0 http://www.facebook.de
    0.0.0.0 http://www.facebook.fr
    0.0.0.0 http://www.fbcdn.com
    0.0.0.0 http://www.fbcdn.net
    0.0.0.0 http://www.login.facebook.com

    0.0.0.0 zh-cn.facebook.com
    0.0.0.0 zh-tw.facebook.com
    # Facebook end
      My Computers


  5. Posts : 1,097
    Windows 10 Home x64 Version 1809 (OS Build 17763.437)
       #25

    Hey @Cliff S, I modified the Properties for your Edit hosts file to use Notepad++ instead. Hope you don't mind. If it's a problem, I'll put it back.
      My Computer


  6. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
    Thread Starter
       #26

    CWGilley said:
    Hey @Cliff S, I modified the Properties for your Edit hosts file to use Notepad++ instead. Hope you don't mind. If it's a problem, I'll put it back.
    It's just a shortcut I created using New in the right click menu, you can do as you wish, I didn't use any coding magic: C:\Windows\System32\notepad.exe c:\windows\system32\drivers\etc\hosts

    I actually only uploaded the shortcut because, many people over see the step to open Notepad as an admin, and then search for hosts, they almost always go to hosts through File Explorer, and then are doomed to fail.(to save the changes)
      My Computers


  7. Posts : 1,097
    Windows 10 Home x64 Version 1809 (OS Build 17763.437)
       #27

    Growing up I heard this more than once from Daddy: "Even a blind hog finds an acorn now and then". Anyway, thanks for the thread and your efforts.
      My Computer


  8. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
    Thread Starter
       #28

    The list has been update yesterday 08 March 2018: https://raw.githubusercontent.com/Ze.../hosts_browser
      My Computers


  9. Posts : 1,097
    Windows 10 Home x64 Version 1809 (OS Build 17763.437)
       #29

    As always, Thanks Cliff. I need all the help I can get, and it's appreciated.
      My Computer


  10. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
    Thread Starter
       #30

    CWGilley said:
    As always, Thanks Cliff. I need all the help I can get, and it's appreciated.
    You're welcome:)
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:33.
Find Us




Windows 10 Forums