Mozilla Firefox, the most outstanding open source browser, has announced the implementation of new protection measures against cryptocurrency mining malware attacks (cryptojacking) on new browser versions, reported vulnerability testing specialists from the International Institute of Cyber Security (IICS).
In the newer versions of Firefox, Nightly 68 and Beta 67, Mozilla has enabled a new level of protection against some variants of cryptojacking as part of the set of content blocking protections in Firefox.
These new functions were developed in conjunction with a cybersecurity specialist firm; According to the vulnerability testing specialists, these features include a considerable set of blacklists of malware domains associated with cryptocurrency mining scripts.
Developers ensure that this blacklist is capable of blocking browser-based cryptojacking services, such as Coinhive or CryptoLoot.
These new features are not yet enabled by default in the browser, but simply look for them in the ‘Privacy and security’ section; the new features will be enabled by default in Firefox Nightly over the next few weeks.
According to the vulnerability testing specialists, the revenues of a cryptojacking campaign depend on how aggressive the mining script is. However, if the process becomes too aggressive, users should note that their computer is being used for cryptocurrency mining, and they will be recommended to interrupt the process (leaving the compromised website, for example).
Taking as reference the 10 most profitable sites that have mining code attached on them, researchers at a cybersecurity firm estimated that they are capable of generating between 0.53 and 1.51 units of Monero cryptocurrency a day, i.e. between $119 USD and $340 USD, according to their current value.
While it may seem little profits, since revenue is obtained at no cost to the attacker, this remains a remarkable gain. “However, we come to the conclusion that the current cryptojacking is not as profitable as one might expect and the general income is moderate,” the investigators said.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.