Crypto-Mining Is A Growing Epidemic

Crypto-mining malware has continued to grow globally, with 23% of organisations worldwide affected by the Coinhive variant during January.

That’s according to CheckPoint’s Global Threat Impact Index, which shows three different variants of crypto-mining code in its top 10 most-prevalent rankings. In addition to Coinhive impacting more than one in five organisations, JSEcoin (a JavaScript miner that can be embedded in websites) was in fifth place and Cryptoloot (which targets PCs) was in ninth.

Coinhive, presently the No.1 most prevalent malware, performs online mining of Monero cryptocurrency when a user visits a web page. Implanted JavaScript uses the computational resources of the end user’s machines to mine coins, impacting system performance. 

While it’s offered as a legitimate service for webmasters looking for a monetisation alternative to advertising, criminals often embed it into websites without the site knowing, and unscrupulous websites use it without letting site visitors know.

“Over the past three months, crypto-mining malware has steadily become an increasing threat to organisations, as criminals have found it to be a lucrative revenue stream,” said Maya Horowitz, threat intelligence group manager at Check Point. 

“It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organisations have the solutions in place that protect against these stealthy cyber-attacks.”

In addition to crypto-miners, Check Point researchers also discovered that 21% of organisations have still failed to deal with machines infected with the malware. 

Fireball, which came in at No. 2 in the rankings, manipulates victims’ browsers and turns their default search engines and homepages into fake search engines, which simply redirect the queries to either yahoo.com or google.com to generate ad revenue. 

It also can be used as a full-functioning malware downloader capable of executing any code on victims’ machines. It was first discovered in May 2017 and severely impacted organisations during summer of 2017. The Rig Exploit Kit came in third for January, impacting 17% of organisations. Rig delivers exploits for Flash, Java, Silverlight and Internet Explorer.

On the mobile front, Lokibot, an Android banking Trojan, was the most popular malware used to attack organisations’ mobile estates. The code steals information, but it can also turn into a ransomware that locks the phone.

Lokibot was followed by the Triada and Hiddad mobile malwares in January. Triada is a modular backdoor for Android, which grants super user privileges to downloaded malware. Hiddad is also an Android malware, focused on trojanising legitimate apps then releasing them to a third-party store.

Infosecurity Magazine

You Might Also Read: 

Bitcoin Energy Use In Iceland Soars:

Popular Streaming Sites Secretly Mine Cryptocurrency:

Mining Bitcoin Just Halved:

The Future Of Cash (£):
 

 

« A Search Tool That Allows Anyone To Access Cloud Documents
Chinese Police Wearing Face Recognition Glasses »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Identiv

Identiv

Identiv is a global security technology company that establishes trust in the connected world, including premises, information and everyday items.

CROW - University of Waikato

CROW - University of Waikato

CROW is the first cyber security lab established in a New Zealand educational institution at the University of Waikato.

Nordic IT Security

Nordic IT Security

Nordic IT Security is a cyber security business forum in Scandinavia bringing together the converging worlds of IT, Cyber and Information Security.

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

First National Technology Solutions (FNTS)

First National Technology Solutions (FNTS)

First National Technology Solutions is a leading provider of flexible, customized hosted and remote managed services including IT security and compliance.

NetDiligence

NetDiligence

NetDiligence is a privately-held cyber risk assessment and data breach services company.

Dracoon

Dracoon

DRACOON is market leader in the German-speaking region for secure enterprise file sharing.

Alpha Omega Integration

Alpha Omega Integration

Alpha Omega creates new possibilities through intelligent end-to-end mission-focused government IT solutions.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

WPScan

WPScan

With WPScan, you'll be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.

aFFirmFirst

aFFirmFirst

aFFirmFirst is a unique software solution offering a simple yet effective way for businesses to protect and control their online images and logo, as well as allowing one-click website verification.

OpenAI

OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity.

DataProof Communications

DataProof Communications

DataProof Communications is Cybersecurity Company specialising in cybersecurity operations, incident management and response best practices and technologies.

InfoTrust

InfoTrust

InfoTrust is a leading specialised cybersecurity practice that combines a customer-first consulting approach with next-generation security solutions.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.