Author Topic: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?  (Read 1649 times)

0 Members and 1 Guest are viewing this topic.

Offline EmoHobo

  • Sr. Member
  • ****
  • Posts: 339
That's quickly becoming the biggest threat in malware and even some sites using JS code to force you to mine for them by visiting their page.  I was wondering how well Avast protects against this new and growing threat.

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 72960
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Win 8.1 [x64] - Avast PremSec 21.11.6787.IBC [UI.682] - EEK - Firefox ESR 91.4 [NS/uBO/PB] - TB 91.4
Avast-Tools: Secure Browser 96.0 - Cleanup 21.4 - SecureLine 5.14 - Driver Updater 21.4 - CCleaner 5.87
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Evjls

  • Jr. Member
  • **
  • Posts: 96
Re: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?
« Reply #2 on: February 14, 2018, 01:32:37 PM »
Well prepared, see...

https://blog.avast.com/ladies-and-gentlemen-prepare-your-cpu-web-browser-mining-is-coming
https://blog.avast.com/cryptocurrency-mining-malware-sneaks-onto-google-play
https://blog.avast.com/protect-yourself-from-cryptojacking
well prepared but haven't done anything yet. Cryptomining is still fully working without any intervention from avast. Norton DNS and ublock origin can do better job. I had to disable these 2 in order to test avast. Avast DOES NOT protect or just partially protect against cryptomining
I'm using Avast IS v18.1 with file shield, web shield, behavior shield and ransomware shield installed
https://i.imgur.com/cPe9OVv.png
https://i.imgur.com/mN9nN0s.png

again, don't really trust those documents. Test it yourself

EDIT: avast actually blocked cryptominers in internet explorer but not in my browser (slimjet)
« Last Edit: February 14, 2018, 01:41:07 PM by Evjls »


Offline Evjls

  • Jr. Member
  • **
  • Posts: 96
Re: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?
« Reply #4 on: February 14, 2018, 01:49:30 PM »
Test say browser test ... should avast be trigged by that test?



https://steemit.com/monero/@kutz/hurray-avast-blocking-coinhive-web-miners

https://www.virustotal.com/#/file/4d6af0dba75bedf4d8822a776a331b2b1591477c6df18698ad5b8628e0880382/detection
avast failed to block coinhive scripts while testing with my browser Slimjet -> it means avast just protects cryptomining (script scanning) in supported applications: IE, chrome, firefox, adobe reader, and " other applications" (I assume they are windows script host = wscript.exe and cscript.exe)

there are many malwares which inject scripts into windows processes and start mining. I tested 1 sample yesterday, which injected into svchosts.exe. In this case, avast may fail

Offline Evjls

  • Jr. Member
  • **
  • Posts: 96
Re: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?
« Reply #5 on: February 14, 2018, 02:09:59 PM »
The best, free and easiest way to protect yourselves from cryptomining:
- Use Norton DNS: tested working -> can protect system-wise
- install an adblocker which also supports hosts file format (ublock origin) and add these 2 filters:
https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts
https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt