Crypto Mining Malware Hits Business

Uploaded on 2018-03-23 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Crypto-mining malware continues to impact organisations globally as 23% were affected by the Coinhive variant during January 2018, according to Check Point’s latest Global Threat Impact Index.

Researchers discovered three different variants of crypto-mining malware in its Top 10 most prevalent ranking, with Coinhive ranking first, impacting more than one-in-five organisations

Coinhive performs online mining of Monero crypto-currency when a user visits a web page without the user’s approval. The implanted JavaScript then uses the computational resources of the end user’s machines to mine coins, impacting system performance.

“Over the past three months, crypto-mining malware has steadily become an increasing threat to organisations, as criminals have found it to be a lucrative revenue stream,” said Maya Horowitz, Threat Intelligence Group Manager at Check Point. 

“It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organisations have the solutions in place that protect against these stealthy cyber-attacks.”

In addition to crypto-miners, researchers also discovered that 21% of organisations have still failed to deal with machines infected with the Fireball malware. 

Fireball can be used as a full-functioning malware downloader capable of executing any code on victims’ machines. It was first discovered in May 2017, and severely impacted organisations during Summer of 2017.

In January, crypto-mining malware continued to be the most prevalent with Coinhive retaining its most wanted spot impacting 23% of organizations, followed by Fireball in second and Rig Exploit Kit in third impacting 17% of organisations.
January 2018’s top 3 most wanted malware

1. Coinhive – Crypto-Miner designed to perform online mining of Monero crypto-currency when a user visits a web page without the user’s approval.
2. Fireball – Browser-hijacker that can be turned into a full-functioning malware downloader.
3. Rig ek – Rig delivers Exploits for Flash, Java, Silverlight and Internet Explorer

Lokibot, an Android banking Trojan, was the most popular malware used to attack organisations’ mobile estates followed by the Triada and Hiddad.

January 2018’s top 3 most wanted mobile malware

1. Lokibot – Android banking Trojan and info-stealer, which can also turn into a ransomware that locks the phone.
2. Triada – Modular Backdoor for Android which grants super user privileges to downloaded malware.
3. Hiddad – Android malware which repackages legitimate apps then releases them to a third-party store.

Help Net Security:

You Might Also Read:

Crypto-Mining Is A Growing Epidemic:

Mining Bitcoin Just Halved:
 

 

« Slingshot: Avoiding Sophisticated Cyber Espionage
Russia Can Disconnect From The Internet »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

Advanced Resource Managers (ARM)

Advanced Resource Managers (ARM)

ARM provide specialist recruitment services for technology and engineering including cyber security.

Engineering Group

Engineering Group

Engineering is the Digital Transformation Company, a leader in Italy and with over 80 offices across Europe, the United States, and South America.

RKH Specialty

RKH Specialty

RKH Specialty, part of the Hyperion Insurance Group, is a provider of specialty insurance services including Cyber Risk cover.

Mantix4

Mantix4

Mantix4’s M4 Cyber Threat Hunting Platform actively defends against cyber threats.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

MagicCube

MagicCube

MagicCube is a device independent IoT security platform that protects against on-device, cloud, and network attacks.

eCosCentric

eCosCentric

eCosCentric provides software development solutions for the IoT, M2M & embedded systems market.

Liquid Technology

Liquid Technology

Liquid Technology provide DOD- and NIST-compliant data destruction and EPA-compliant e-waste disposal and recycling services throughout North America, Europe and Asia.

Bellvista Capital

Bellvista Capital

Bellvista Capital connects entrepreneurs with capital and unmatched business expertise in the technology areas of Cloud Computing, Cyber Security and Data Analytics.

Cyolo

Cyolo

Cyolo’s Secure Access Service Edge (SASE) platform securely connects onsite and remote users to authorized assets, in the organizational network, cloud or IoT environments and even offline networks.

Dashlane

Dashlane

Dashlane puts all your passwords, payments, and personal info in one place that only you control. So you can use them instantly. Securely. Exactly when you need them.

Cipher

Cipher

Founded in 2000, Cipher is a global cybersecurity company that delivers a wide range of Managed Security Services.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

SIA Group

SIA Group

SIA Group, an Indra company, combines Consulting, Systems Integration and Managed Services in four specialized business areas: Information Security, Storage, IT Management and IT Mobility.

Oregon Systems

Oregon Systems

Oregon Systems is a Regional Leader & Distributor with value added services for OT, IoT, IIoT & IT Cybersecurity products, Solutions & professional services throughout the middle-east region.