Calls to "delete Facebook" across different social media are growing in popularity. This is users’ reaction to recent publications in media about how a certain analytics company purchased personal data of 50 Million Facebook users from one of the app’s developer, and then proceeded to use this information to influence elections and political campaigns outcomes.
Back in December 2017, we added a mechanism that allowed users to optionally report websites whenever a cryptojacking script is detected by AdGuard. It proved useful right away and allowed us to discover the largest known cryptojacking campaign, which was being run by some popular video streaming websites. Since then we have received more than a million user reports, and now it's time to analyze them.
Over the last two months, we received over 1.3 Million reports on more than 120 thousand websites. It's important to notice that sometimes cryptojacking was detected on some legitimate websites (Google, Youtube, Instagram, etc) and this is most likely caused by malicious browser extensions or malvertising.
However, 40% (over half a million) of the reports came from just 50 domains. Let's take a deeper look into what the top cryptojackers do.
The year 2017 was a tough one for privacy protection and ad blocking apps, but a good one for their users. But any paradox seen here is illusory.
It was back in 2016 that the ad and marketing industries acknowledged the impending crisis. Ad-blocking growth statistics created great concern for many advertisers and publishers. Extrapolations showed that in a year or two almost nobody would see ads. Advertisers got ready to sell their lives at a high price. That was the year that ad reinsertion startup companies like PageFair, Admiral, Sourcepoint, Secret Media propagated, offering technologies to push ads through ad blockers.
It also was the year when the Coalition for Better Ads emerged.
Android is an awesome operating system that provides us developers with incredible capabilities. There are quite a few great apps and features Android users benefit from that are simply impossible to implement on other platforms.
Unfortunately, nothing comes free, and this wide array of capabilities is the main reason why Android is so vulnerable from privacy and security standpoints.
In our latest research, we decided to focus on the privacy issues. We took a look at the top 1000 Android apps to find out if they collect any sensitive personal data.
Brief summary: while hardening AdGuard’s crypto-jacking protection, we discovered four involved popular websites (mostly streaming) with an aggregated audience of almost a billion people.
We have already told you in our blog (part 1, part 2, part 3) about the problem of stealth mining (the so-called "cryptojacking"), but this story is not going to end. Just two(!) months after its first launch, this technology has been used on thousands of websites with a total estimated traffic of a billion(!) monthly visits. Now, after an additional three weeks have passed, we must regretfully report that cryptomining has soared to even greater heights.
Ad blockers were first to respond to this new menace and implement protection against mining on websites. Thanks to the popularity of ad blockers, a significant portion of Internet users received the necessary protection in a very timely manner. Naturally, "crypto-jackers" are not pleased with this counteraction.