Mining domains from where the scripts are loaded

[xeon]

(cryptographic currencies)

Are these added to EAM surf protection?

If not, it would be a great option to add in surf protection for example: like the PUP hosts (Block and notify, Alert, Block silently, Don't block).

[xeon]

Hello?

[GT500]

We can't arbitrarily block legitimate mining domains. A lot of people actually want to mine cryptocurrencies.

I would believe we block mining-related domains that are not legitimate (anything associated with mining-related malware).

[xeon]

8 hours ago, xeon said:

great option to add in surf protection for example: like the PUP hosts (Block and notify, Alert, Block silently, Don't block).

Option only?

[GT500]

I'll pass on the suggestion, however note that when it comes to JavaScript miners the code can load from anywhere (including the website you are trying to browse that has the miner embeded in the page), so we would probably end up blocking a lot of legitimate websites with such a feature.

[xeon]

1 hour ago, GT500 said:

I'll pass on the suggestion, however note that when it comes to JavaScript miners the code can load from anywhere (including the website you are trying to browse that has the miner embeded in the page), so we would probably end up blocking a lot of legitimate websites with such a feature.

Very good, I rarely use JavaScript only to access forums.

But I tend to like blocking every that is not needed, and this has kept me secure over the years.

[Fabian Wosar]

We decided internally to treat javascript-based crypto-currency miners as PUP. That means we started actively targetting these services via the surf protection.