Explore the phenomenon of web-based cryptojacking in this 39-minute conference talk from the 35th Chaos Communication Congress (35C3). Delve into the inner workings of browser-based cryptocurrency mining scripts, their prevalence on popular websites, and the potential earnings for attackers. Learn about the rise of memory-bound cryptocurrencies like Monero and how they've made JavaScript-based mining a viable alternative to dedicated mining rigs. Discover the methodology used to identify mining scripts across the Alexa top 1 million websites, and gain insights into code characteristics, estimated mining revenues, and the effectiveness of current blacklist-based countermeasures. Understand the implications of this parasitic computing trend and learn how to protect yourself against cryptojacking attacks.
Overview
Syllabus
35C3 - Web-based Cryptojacking in the Wild
Taught by
media.ccc.de