Publications / Media

News / Media Publications

Please see this page for my mentions in major news / media publications.

Peer-reviewed research publications

A first look at browser-based cryptojacking
Shayan Eskandari, Andreas Leoutsarakos, Troy Mursch, Jeremy Clark

In this paper, we examine the recent trend towards in-browser mining of cryptocurrencies; in particular, the mining of Monero through Coinhive and similar code-bases. In addition, we conduct some measurements to establish its prevalence and profitability, outline an ethical framework for considering whether it should be classified as an attack or business opportunity, and make suggestions for the detection, mitigation and/or prevention of browser-based mining for non-consenting users.

View PDF copy

Podcasts

PQ 148: How To Monitor Cryptojacking With Paessler PRTG

Episode 15: Special Guest Troy Mursch AKA “Bad Packets”, BatchOverflow, Route53 BGP Hijack, and a New Vulnerability in Equihash Mining Pools

Threatpost Podcast – Bad Packets Report Founder on Rising Cryptojacking Attacks

The Security Ledger – Podcast Episode 116: Cryptojacking and MikroTik’s Bad-Feeling Feel Good Patch Story

Webinars

Crypto Crime: Hunting for Cryptocurrency Mining in Your Enterprise

I discuss the key factors contributing to the rise of malicious cryptocurrency mining, the symptoms of cryptojacking, and brief history of the topic in this webinar hosted by Infosecurity Magazine.

Guest Blogs

How Cryptojacking Impacts You, and What You Can Do About It

Cryptojacking campaigns continue to target vulnerable websites

How to use reverse DNS records to identify mass scanners

How to use name server records to locate malicious domains en masse

Case studies

PRTG: Helping A Leading Independent Security Analyst Detect And Prevent Cryptojacking

In this case study, presented by Paessler, I document my use of PRTG to detect and monitor high-profile websites infected with cryptojacking malware.

View PDF copy