Crypto-Mining Is A Growing Epidemic

Crypto-mining malware has continued to grow globally, with 23% of organisations worldwide affected by the Coinhive variant during January.

That’s according to CheckPoint’s Global Threat Impact Index, which shows three different variants of crypto-mining code in its top 10 most-prevalent rankings. In addition to Coinhive impacting more than one in five organisations, JSEcoin (a JavaScript miner that can be embedded in websites) was in fifth place and Cryptoloot (which targets PCs) was in ninth.

Coinhive, presently the No.1 most prevalent malware, performs online mining of Monero cryptocurrency when a user visits a web page. Implanted JavaScript uses the computational resources of the end user’s machines to mine coins, impacting system performance. 

While it’s offered as a legitimate service for webmasters looking for a monetisation alternative to advertising, criminals often embed it into websites without the site knowing, and unscrupulous websites use it without letting site visitors know.

“Over the past three months, crypto-mining malware has steadily become an increasing threat to organisations, as criminals have found it to be a lucrative revenue stream,” said Maya Horowitz, threat intelligence group manager at Check Point. 

“It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organisations have the solutions in place that protect against these stealthy cyber-attacks.”

In addition to crypto-miners, Check Point researchers also discovered that 21% of organisations have still failed to deal with machines infected with the malware. 

Fireball, which came in at No. 2 in the rankings, manipulates victims’ browsers and turns their default search engines and homepages into fake search engines, which simply redirect the queries to either yahoo.com or google.com to generate ad revenue. 

It also can be used as a full-functioning malware downloader capable of executing any code on victims’ machines. It was first discovered in May 2017 and severely impacted organisations during summer of 2017. The Rig Exploit Kit came in third for January, impacting 17% of organisations. Rig delivers exploits for Flash, Java, Silverlight and Internet Explorer.

On the mobile front, Lokibot, an Android banking Trojan, was the most popular malware used to attack organisations’ mobile estates. The code steals information, but it can also turn into a ransomware that locks the phone.

Lokibot was followed by the Triada and Hiddad mobile malwares in January. Triada is a modular backdoor for Android, which grants super user privileges to downloaded malware. Hiddad is also an Android malware, focused on trojanising legitimate apps then releasing them to a third-party store.

Infosecurity Magazine

You Might Also Read: 

Bitcoin Energy Use In Iceland Soars:

Popular Streaming Sites Secretly Mine Cryptocurrency:

Mining Bitcoin Just Halved:

The Future Of Cash (£):
 

 

« A Search Tool That Allows Anyone To Access Cloud Documents
Chinese Police Wearing Face Recognition Glasses »

Directory of Suppliers

European Defence Agency (EDA)

European Defence Agency (EDA)

EDAs mission is to improve European defence capabilities. Programme areas include Cyber Defence.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

Sonatype

Sonatype

Sonatype protects the world's enterprise software from security, compliance, licensing risks, while reducing application development and deployment time.

Infinity SDC

Infinity SDC

Infinity offer wholesale and retail collocation data centre services.

Spitfire

Spitfire

Spitfire are a leading business telecommunications provider encompassing SIP, Internet, Voice & Data services.

Digital Defense Inc (DDI)

Digital Defense Inc (DDI)

DDI offers vulnerability scanning, penetration testing, web application testing, social engineering and additional security assessments.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

Association of Information Technology Professionals (AITP)

Association of Information Technology Professionals (AITP)

AITP is the leading worldwide society of professionals in information technology.

techUK

techUK

techUK represents companies operating in the tech sector in the UK. Focus areas cover all aspects of ICT including cyber security.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Cardinal Commerce

Cardinal Commerce

A leader in consumer authentication, CardinalCommerce specializes in mobile commerce & payment solutions to meet your card-not-present needs.

Security Mentor

Security Mentor

Security Mentor provides innovative, online security awareness training designed for how people learn and work.

Learning Tree International

Learning Tree International

Learning Tree's comprehensive cyber security training curriculum includes specialised IT security training and general cyber security courses for all levels of your organisation including the C-suite.

Cyber Re:coded

Cyber Re:coded

Cyber Re:coded is a new cyber security event designed to show you exactly what a job in cyber security looks like, what innovation is shaping the industry, and put you in touch with future employers.

Rwanda Information Society Authority (RISA)

Rwanda Information Society Authority (RISA)

RISA is at the forefront of all ICT project implementation, research, infrastructure and innovation within the ICT sector in Rwanda.