Crypto-Mining Is A Growing Epidemic

Uploaded on 2018-02-20 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Crypto-mining malware has continued to grow globally, with 23% of organisations worldwide affected by the Coinhive variant during January.

That’s according to CheckPoint’s Global Threat Impact Index, which shows three different variants of crypto-mining code in its top 10 most-prevalent rankings. In addition to Coinhive impacting more than one in five organisations, JSEcoin (a JavaScript miner that can be embedded in websites) was in fifth place and Cryptoloot (which targets PCs) was in ninth.

Coinhive, presently the No.1 most prevalent malware, performs online mining of Monero cryptocurrency when a user visits a web page. Implanted JavaScript uses the computational resources of the end user’s machines to mine coins, impacting system performance. 

While it’s offered as a legitimate service for webmasters looking for a monetisation alternative to advertising, criminals often embed it into websites without the site knowing, and unscrupulous websites use it without letting site visitors know.

“Over the past three months, crypto-mining malware has steadily become an increasing threat to organisations, as criminals have found it to be a lucrative revenue stream,” said Maya Horowitz, threat intelligence group manager at Check Point. 

“It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organisations have the solutions in place that protect against these stealthy cyber-attacks.”

In addition to crypto-miners, Check Point researchers also discovered that 21% of organisations have still failed to deal with machines infected with the malware. 

Fireball, which came in at No. 2 in the rankings, manipulates victims’ browsers and turns their default search engines and homepages into fake search engines, which simply redirect the queries to either yahoo.com or google.com to generate ad revenue. 

It also can be used as a full-functioning malware downloader capable of executing any code on victims’ machines. It was first discovered in May 2017 and severely impacted organisations during summer of 2017. The Rig Exploit Kit came in third for January, impacting 17% of organisations. Rig delivers exploits for Flash, Java, Silverlight and Internet Explorer.

On the mobile front, Lokibot, an Android banking Trojan, was the most popular malware used to attack organisations’ mobile estates. The code steals information, but it can also turn into a ransomware that locks the phone.

Lokibot was followed by the Triada and Hiddad mobile malwares in January. Triada is a modular backdoor for Android, which grants super user privileges to downloaded malware. Hiddad is also an Android malware, focused on trojanising legitimate apps then releasing them to a third-party store.

Infosecurity Magazine

You Might Also Read: 

Bitcoin Energy Use In Iceland Soars:

Popular Streaming Sites Secretly Mine Cryptocurrency:

Mining Bitcoin Just Halved:

The Future Of Cash (£):
 

 

« A Search Tool That Allows Anyone To Access Cloud Documents
Chinese Police Wearing Face Recognition Glasses »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

BitRaser

BitRaser

BitRaser serves your needs for a managed & certified data erasure solution that can support internal & external corporate audit requirements with traceable reporting.

Applied Science and Technology Research Institute Company Limited (ASTRI)

Applied Science and Technology Research Institute Company Limited (ASTRI)

ASTRI's mission is to enhance Hong Kong’s competitiveness in technology-based industries through applied research in areas including Security & Data Sciences which encompasses cybersecurity.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

Aergo

Aergo

Aergo offers an easier and more proven way to adopt blockchain and transform your business while building on your existing IT and cloud assets.

BI.ZONE

BI.ZONE

BI.ZONE creates high-tech products and solutions to protect IT infrastructures and applications, and provides services from cyber intelligence and proactive defence to cybercrime investigation.

SAST

SAST

SAST provide Static Application Security Testing as a service based on SAST Tools.

KanREN

KanREN

KanREN is a member based consortium offering custom, world-class network services and support for researchers, educators, and public service institutions in the state of Kansas.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.

Standard Notes

Standard Notes

Standard Notes is a secure digital notes app that protects your notes and files with audited, industry-leading end-to-end encryption.

Panasonic Automotive Systems

Panasonic Automotive Systems

Panasonic Automotive Systems brings together security technologies and human resources cultivated across an extensive range of businesses into the automotive field.

Validia

Validia

Validia is a deepfake cybersecurity service that provides proactive and reactive defense to the deepfake threat enterprises increasingly face with the rapid growth of generative AI.