CoinCube Miner

CoinCube Miner is JavaScript-based cryptocurrency mining code that can be embedded in any Web page or site. The CoinCube Miner is not affiliated with the index-based crypto-investing site at h[tt]ps://coincube[.]io. Threat actors work with adware developers to generate connections to pages that host the CoinCube Miner. We have seen programs from the File Tour family of adware used to divert Internet requests to pages that feature the CoinCube JavaScript Miner. The incoming page requests allow the threat actors to exploit the processing power of the infected users' machines for profit. In short, "crypto-jacking" denotes activity where threat actors use an online tool (CoinHive and CoinImp) or an offline tool (XMRig) to hijack processing power and mine for cryptocurrencies, as well as cases where the cybercriminals substitute the receiving wallet address in digital money transactions (ComboJack).

Adware Leads to Cryptojacking

The attack vector used in the CoinCube Miner campaign is adware that may be presented to you as a simple browser add-on or a free PDF reader application. Once the adware is on your computer, it scans the system for available Web browsers and writes a Registry key to load a Web page in the background. We have seen adware recognize Google Chrome installations and produce a script that loads the browser in the system background. Users are not shown the program window in the Taskbar, but the Task Manager is reported to display the hidden running instance of Google Chrome. As long as the manipulated Chrome browser is running in the background, users will be unable to use most of the programs on their system. The CoinCube Miner is observed to hijack nearly all the processing power on compromised machines. Program crashes and slow responses to user commands are to be expected.

Symptoms of CoinCube Activity and How to Protect Your Device

Pages with CoinCube may be customized to mine for various cryptocurrencies like Monero, Bitcoin, Litecoin, Vega and Ethereum. The intensive cryptocurrency mining performed by applications like the CoinCube Miner may lead to increased electricity bills and overheating of hardware components, not to mention that Windows would be unable to install updates and run your applications correctly. Computer security researchers recommend that users terminate the corrupted instances of Google Chrome and scan their systems with a reputable anti-malware engine. You may want to schedule automatic scans each week, as tools like the CoinCube Miner emerge often.
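To locate the background Chrome instance and the autostart entry described above before terminating anything, the following PowerShell triage sketch can help. It is an added example, not code from the original write-up. It assumes the Registry key is one of the standard Windows Run keys (the page does not name the key), and it also matches Edge and Firefox in autostart entries, which goes beyond the Chrome case the page reports. The function names are hypothetical.

```powershell
# Added triage example (not from the original write-up).
# Assumption: persistence uses the standard Run keys; the page does not name the key.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

function Get-BrowserUrlAutostart {
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            $value = [string]$item.GetValue($name)
            # Flag autostart entries that launch a browser with a URL argument
            if ($value -match '(chrome|msedge|firefox)\.exe' -and
                $value -match 'https?://') {
                [pscustomobject]@{ Key = $key; Name = $name; Command = $value }
            }
        }
    }
}

function Get-HiddenChromeBrowserProcess {
    # The top-level browser process has no --type= switch; renderer, GPU and
    # utility children do. CommandLine is empty for processes you cannot read,
    # so run elevated to cover all of them.
    $top = Get-CimInstance Win32_Process -Filter "Name = 'chrome.exe'" |
        Where-Object { $_.CommandLine -and $_.CommandLine -notmatch '--type=' }
    foreach ($p in $top) {
        $proc = Get-Process -Id $p.ProcessId -ErrorAction SilentlyContinue
        # No main window handle means nothing appears in the Taskbar
        if ($proc -and $proc.MainWindowHandle -eq [IntPtr]::Zero) {
            [pscustomobject]@{
                ProcessId   = $p.ProcessId
                ParentId    = $p.ParentProcessId
                CpuSeconds  = [math]::Round([double]$proc.CPU, 1)
                CommandLine = $p.CommandLine
            }
        }
    }
}

Get-BrowserUrlAutostart | Format-List
Get-HiddenChromeBrowserProcess | Format-List
```

Chrome's own background-apps setting and headless automation also produce a top-level process without a window, so review the command line and parent process of each hit before terminating it.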

