Crypto-Mining Is A Growing Epidemic

Crypto-mining malware has continued to grow globally, with 23% of organisations worldwide affected by the Coinhive variant during January.

That’s according to CheckPoint’s Global Threat Impact Index, which shows three different variants of crypto-mining code in its top 10 most-prevalent rankings. In addition to Coinhive impacting more than one in five organisations, JSEcoin (a JavaScript miner that can be embedded in websites) was in fifth place and Cryptoloot (which targets PCs) was in ninth.

Coinhive, presently the No.1 most prevalent malware, performs online mining of Monero cryptocurrency when a user visits a web page. Implanted JavaScript uses the computational resources of the end user’s machines to mine coins, impacting system performance. 

While it’s offered as a legitimate service for webmasters looking for a monetisation alternative to advertising, criminals often embed it into websites without the site knowing, and unscrupulous websites use it without letting site visitors know.

“Over the past three months, crypto-mining malware has steadily become an increasing threat to organisations, as criminals have found it to be a lucrative revenue stream,” said Maya Horowitz, threat intelligence group manager at Check Point. 

“It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organisations have the solutions in place that protect against these stealthy cyber-attacks.”

In addition to crypto-miners, Check Point researchers also discovered that 21% of organisations have still failed to deal with machines infected with the malware. 

Fireball, which came in at No. 2 in the rankings, manipulates victims’ browsers and turns their default search engines and homepages into fake search engines, which simply redirect the queries to either yahoo.com or google.com to generate ad revenue. 

It also can be used as a full-functioning malware downloader capable of executing any code on victims’ machines. It was first discovered in May 2017 and severely impacted organisations during summer of 2017. The Rig Exploit Kit came in third for January, impacting 17% of organisations. Rig delivers exploits for Flash, Java, Silverlight and Internet Explorer.

On the mobile front, Lokibot, an Android banking Trojan, was the most popular malware used to attack organisations’ mobile estates. The code steals information, but it can also turn into a ransomware that locks the phone.

Lokibot was followed by the Triada and Hiddad mobile malwares in January. Triada is a modular backdoor for Android, which grants super user privileges to downloaded malware. Hiddad is also an Android malware, focused on trojanising legitimate apps then releasing them to a third-party store.

Infosecurity Magazine

You Might Also Read: 

Bitcoin Energy Use In Iceland Soars:

Popular Streaming Sites Secretly Mine Cryptocurrency:

Mining Bitcoin Just Halved:

The Future Of Cash (£):
 

 

« A Search Tool That Allows Anyone To Access Cloud Documents
Police Wearing Face Recognition Glasses »

Directory of Suppliers

Skyhigh Networks

Skyhigh Networks

Skyhigh is the leading cloud access security broker (CASB) trusted by enterprises to protect their data in thousands of cloud services.

Conscio Technology

Conscio Technology

Conscio is an international company active across the full spectrum of education, coaching and strengthening people and organizations.

Spiceworks

Spiceworks

Spiceworks provide a range of free apps for IT professionals including network inventory, network monitor, and help desk.

ExtraHop

ExtraHop

ExtraHop performs real-time analysis of wire data for performance troubleshooting, security detection, optimization and tuning, and business analytics.

cPanel

cPanel

cPanel is a web hosting control panel provides control of virtually every aspect of websites including security.

GamaSec

GamaSec

GamaSec provide security solutions for detecting and protecting websites, web applications and other vulnerable online information.

Intellinx

Intellinx

Intellinx is a leading provider of cyber fraud and risk management solutions that protect organizations from internal and external fraud and data theft.

Cyber Security & Information Systems Information Analysis Center (CSIAC)

Cyber Security & Information Systems Information Analysis Center (CSIAC)

CSIAC is chartered to leverage best practices and expertise from government, industry, and academia on cyber security and information technology.

Cobalt Strike

Cobalt Strike

Cobalt Strike is penetration testing software designed to execute targeted attacks.

Igloo Security

Igloo Security

Igloo Security is a leader and pioneer in SIEM (Security Information & Event Management), PSIM (Physical Security Information Management) and MSS (Managed Security Services).

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

NovaTech

NovaTech

NovaTech products and services make the world’s power grids and essential process industries more reliable, efficient, sustainable and secure.

Red Hat

Red Hat

Red Hat is the world's leading provider of open source, enterprise IT solutions.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

J2 Software

J2 Software

J2 Software is a leading African Information Security and ICT business providing information security, governance, risk and compliance solutions.