Adware Launches In-Browser Mining Sites Pretending to be Cloudflare
FileTouris an adware bundle that is commonly spread as cracks or cheats for games and other software. This bundle is notorious for crossing the line between what is traditionally known as adware and PUPs and more dangerous computer infections such as password-stealing Trojans and miners. This adware bundle has started to create a Windows autorun that automatically launches Chrome and connects to a in-browser mining page when a user logs into Windows.
As you can see, by using a headless in-browser miner window, most people will not even notice that they are infected with anything. Yes, their computer may feel slow and some might even check Task Manager and notice Chrome’s strange behavior, but for most users this miner can run for days, if not weeks, without being detected.