CPU Miner

By GoldSparrow in Ransomware

The Mi-de-ner-nis3[.]info CPU Miner is a variant of the CoinCube Miner that we reported on May 22nd, 2018. Computer security analysts note that the name "CPU Miner" is a working title that refers to a CoinCube variant hosted at h[tt]ps://dynya-may.github[.]io/worker.js. PC users are advised to avoid loading h[tt]p://mi-de-ner-nis3[.]info/cdn-37.html and related pages. Loading h[tt]p://mi-de-ner-nis3[.]info leads to increased CPU load and browser unresponsiveness. All modern browsers that support JavaScript are vulnerable to the crypto-jacking performed by the Mi-de-ner-nis3[.]info CPU Miner.

The type of crypto-jacking performed by Mi-de-ner-nis3[.]info involves the use of a JavaScript-based Miner for digital coins like Monero, Bitcoin, Litecoin, Ethereum and Vega. The script uploaded to h[tt]ps://dynya-may.github[.]io hijacks the processing power of your machine and allows third parties to earn money using your hardware. All machines that verify digital coin transactions (mining) receive a fee for their work. The more PCs that run the Mi-de-ner-nis3[.]info CPU Miner, the more money the author of the script receives. The page at h[tt]p://mi-de-ner-nis3[.]info may look like a reCAPTCHA transitional page that Web surfers are likely to recognize by the alert saying:

'Checking your browser before accessing
This process is automatic. Yout browser will redirect to your requested content shortly.
Please allow up to 5 seconds…
[checkbox] I’m not a robot
DDoS protection by Cloudflare
Ray ID: ew0c4s6ash75790p'

The fake reCAPTCHA page at h[tt]p://mi-de-ner-nis3[.]info is responsible for loading the JavaScript mining component from h[tt]ps://dynya-may.github[.]io, and PC users are not redirected to other pages. The Mi-de-ner-nis3[.]info CPU Miner is very similar to the deepMiner Cryptojacking and the Minr Cryptojacking. You can block access to the domains associated with crypto-jacking by using the "Report a page" functionality in your Web browser. Fortunately, there is no code stored on your machine, and you don't need to perform a full-scale cleaning. PC users may be interested in installing a community-supported browser extension that blocks tools like the Mi-de-ner-nis3[.]info CPU Miner.
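For administrators who want to check web proxy records for the load chain described above (the landing page, then the cross-origin fetch of worker.js), the following is an added example and not code from the original article. The three-field "client url referer" log layout, the function names and the sample records are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Indicators as the page lists them, kept defanged in source.
LANDING_IOC = "h[tt]p://mi-de-ner-nis3[.]info/cdn-37.html"
MINER_IOC = "h[tt]ps://dynya-may.github[.]io/worker.js"

def refang(ioc):
    """Undo the page's defanging so the value can be parsed as a URL."""
    return ioc.replace("h[tt]p", "http").replace("[.]", ".")

def host_of(url):
    return urlsplit(url).hostname or ""  # '' for a missing referer such as '-'

LANDING_HOST = host_of(refang(LANDING_IOC))
MINER = urlsplit(refang(MINER_IOC))

def classify(url, referer):
    """Label one request, comparing parsed hostnames rather than substrings."""
    target = urlsplit(url)
    host = target.hostname or ""
    if host == LANDING_HOST:
        return "landing-page"
    if host == MINER.hostname and target.path == MINER.path:
        # The fake reCAPTCHA page pulls the miner script cross-origin.
        from_landing = host_of(referer) == LANDING_HOST
        return "miner-load-from-landing" if from_landing else "miner-script"
    return None

def scan(lines):
    """Return (client, label) for each matching 'client url referer' line."""
    hits = []
    for line in lines:
        fields = line.split()
        # Malformed records (not exactly three fields) are skipped.
        label = classify(fields[1], fields[2]) if len(fields) == 3 else None
        if label:
            hits.append((fields[0], label))
    return hits

# Constructed sample records; the three-field layout is an assumption.
SAMPLE_LOG = [
    f"10.0.0.5 {refang(LANDING_IOC)} -",
    f"10.0.0.5 {refang(MINER_IOC)} {refang(LANDING_IOC)}",
    f"10.0.0.9 {refang(MINER_IOC)} -",
    "10.0.0.7 https://example.github.io/worker.js -",
    f"10.0.0.7 http://example.com/?u={LANDING_HOST} -",
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

The last two sample records are benign look-alikes: an unrelated github.io site serving a file named worker.js, and a URL that only mentions the landing domain in its query string. Neither is flagged because the comparison is made on the parsed hostname.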

