Author Topic: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?  (Read 2801 times)

0 Members and 1 Guest are viewing this topic.

Offline EmoHobo

  • Sr. Member
  • ****
  • Posts: 339
That's quickly becoming the biggest threat in malware and even some sites using JS code to force you to mine for them by visiting their page.  I was wondering how well Avast protects against this new and growing threat.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Evjls

  • Jr. Member
  • **
  • Posts: 96
Re: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?
« Reply #2 on: February 14, 2018, 01:32:37 PM »
Well prepared, see...

https://blog.avast.com/ladies-and-gentlemen-prepare-your-cpu-web-browser-mining-is-coming
https://blog.avast.com/cryptocurrency-mining-malware-sneaks-onto-google-play
https://blog.avast.com/protect-yourself-from-cryptojacking
well prepared but haven't done anything yet. Cryptomining is still fully working without any intervention from avast. Norton DNS and ublock origin can do better job. I had to disable these 2 in order to test avast. Avast DOES NOT protect or just partially protect against cryptomining
I'm using Avast IS v18.1 with file shield, web shield, behavior shield and ransomware shield installed
https://i.imgur.com/cPe9OVv.png
https://i.imgur.com/mN9nN0s.png

again, don't really trust those documents. Test it yourself

EDIT: avast actually blocked cryptominers in internet explorer but not in my browser (slimjet)
« Last Edit: February 14, 2018, 01:41:07 PM by Evjls »


Offline Evjls

  • Jr. Member
  • **
  • Posts: 96
Re: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?
« Reply #4 on: February 14, 2018, 01:49:30 PM »
Test say browser test ... should avast be trigged by that test?



https://steemit.com/monero/@kutz/hurray-avast-blocking-coinhive-web-miners

https://www.virustotal.com/#/file/4d6af0dba75bedf4d8822a776a331b2b1591477c6df18698ad5b8628e0880382/detection
avast failed to block coinhive scripts while testing with my browser Slimjet -> it means avast just protects cryptomining (script scanning) in supported applications: IE, chrome, firefox, adobe reader, and " other applications" (I assume they are windows script host = wscript.exe and cscript.exe)

there are many malwares which inject scripts into windows processes and start mining. I tested 1 sample yesterday, which injected into svchosts.exe. In this case, avast may fail

Offline Evjls

  • Jr. Member
  • **
  • Posts: 96
Re: How prepared is Avast for the rising wave of Cryptocurrency mining abuse?
« Reply #5 on: February 14, 2018, 02:09:59 PM »
The best, free and easiest way to protect yourselves from cryptomining:
- Use Norton DNS: tested working -> can protect system-wise
- install an adblocker which also supports hosts file format (ublock origin) and add these 2 filters:
https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts
https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt