Security researchers from Malwarebytes have discovered a new technique that enables website owners or attackers that have hacked websites to keep mining for Cryptocurrency even if you close the browser window.
To prove their findings, the researchers have conducted many tests using the latest version of the Google Chrome browser. They noticed that once a user visits a website, the CPU activity rises but is not maxed out, however when the browser window is closed, the activity remains higher than normal as crypto mining continues.
According to Malwarebytes:
The trick is that although the visible browser windows are closed, there is a hidden one that remains opened. This is due to a pop-under which is sized to fit right under the taskbar and hides behind the clock. The hidden window’s coordinates will vary based on each user’s screen resolution, but follow this rule:
-Horizontal position = ( current screen x resolution ) – 100
-Vertical position = ( current screen y resolution ) – 40
The new technique has been created to bypass adblockers and is a lot harder to recognize because of how cleverly it covers itself. Closing the browser window using the “X” button is not enough. Users are recommended to use Task Manager to ensure there is no remnant running browser processes and kill them.