In the previous research conducted by security IT-companies, it was found that a miner could be run as long as the web browser was running. Should you close the browser and mining activity stops as well. However, as per the latest technique spotted by Malwarebytes, some suspicious website owners can mine crypto coins like Monero even after browser software is closed.
How it works and is it possible to prevent it?
It was found that when a user visits a website, there is a light growth in the CPU activity. As the activity is not maxed, the user doesn’t notice anything strange. Once the user closes the browser application, the CPU activity is still remains higher than normal and cryptomining process continues. So what’s the trap? How are webcriminals capable to do this?
Actually, even when you close the browser, there’s one hidden pop-under window that still remains open. It’s sized to fit under the taskbar and hides behind the clock. The coordinates of this window might be different, but it all in all follows x -100 and y -40 position principle.
You can broaden the taskbar to spot the window, enabling transparency might also help you.
To spot that sort of activity, you can run Task Manager and ensure that there are no browser processes hiddenly running. You can also look for the highlighted browser icon in the taskbar field.