First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.
Malicious scripts are code fragments which may be hidden in otherwise legitimate websites, whose security has been compromised. Malicious scripts are a type of cyber attack designed to create vulnerabilities that can leave systems and networks exposed to back door attacks, security breaches, data theft, or other potential damage by enabling cyber criminal with unauthorized remote access. Unlike malware, which is specific to malicious software, malicious scripts also includes website scripts that have the capability to exploit vulnerabilities in order to upload malware.
Researchers see this code in HTML source so often that it almost never gets a second glance – until now. zveloLABS™ researchers have seen several compromised sites recently using Google Analytics to mask malicious scripts, as in the example below.