Crypto Mining Malware Hits Business

Uploaded on 2018-03-23 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Crypto-mining malware continues to impact organisations globally as 23% were affected by the Coinhive variant during January 2018, according to Check Point’s latest Global Threat Impact Index.

Researchers discovered three different variants of crypto-mining malware in its Top 10 most prevalent ranking, with Coinhive ranking first, impacting more than one-in-five organisations

Coinhive performs online mining of Monero crypto-currency when a user visits a web page without the user’s approval. The implanted JavaScript then uses the computational resources of the end user’s machines to mine coins, impacting system performance.

“Over the past three months, crypto-mining malware has steadily become an increasing threat to organisations, as criminals have found it to be a lucrative revenue stream,” said Maya Horowitz, Threat Intelligence Group Manager at Check Point. 

“It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organisations have the solutions in place that protect against these stealthy cyber-attacks.”

In addition to crypto-miners, researchers also discovered that 21% of organisations have still failed to deal with machines infected with the Fireball malware. 

Fireball can be used as a full-functioning malware downloader capable of executing any code on victims’ machines. It was first discovered in May 2017, and severely impacted organisations during Summer of 2017.

In January, crypto-mining malware continued to be the most prevalent with Coinhive retaining its most wanted spot impacting 23% of organizations, followed by Fireball in second and Rig Exploit Kit in third impacting 17% of organisations.
January 2018’s top 3 most wanted malware

1. Coinhive – Crypto-Miner designed to perform online mining of Monero crypto-currency when a user visits a web page without the user’s approval.
2. Fireball – Browser-hijacker that can be turned into a full-functioning malware downloader.
3. Rig ek – Rig delivers Exploits for Flash, Java, Silverlight and Internet Explorer

Lokibot, an Android banking Trojan, was the most popular malware used to attack organisations’ mobile estates followed by the Triada and Hiddad.

January 2018’s top 3 most wanted mobile malware

1. Lokibot – Android banking Trojan and info-stealer, which can also turn into a ransomware that locks the phone.
2. Triada – Modular Backdoor for Android which grants super user privileges to downloaded malware.
3. Hiddad – Android malware which repackages legitimate apps then releases them to a third-party store.

Help Net Security:

You Might Also Read:

Crypto-Mining Is A Growing Epidemic:

Mining Bitcoin Just Halved:
 

 

« Slingshot: Avoiding Sophisticated Cyber Espionage
Russia Can Disconnect From The Internet »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

4Secure

4Secure

For over two decades, 4Secure has specialised in cyber security consultancy, safeguarding the worlds critical Infrastructure through securely bridging air gapped networks.

Quttera

Quttera

Quttera provides Website Security Solutions for Small & Medium Businesses, Enterprises and Organizations.

Qolcom

Qolcom

Qolcom is a leading UK based integrator of secure wireless network and mobile device management solutions.

BSA - The Software Alliance

BSA - The Software Alliance

BSA is the leading advocate for the global software industry before governments and in the international marketplace.

Cybonet

Cybonet

Cybonet provides easy to deploy, flexible and scalable security solutions that empower organizations of all sizes to actively safeguard their networks in the face of today’s evolving threats.

Total Defense

Total Defense

Total Defense solutions include anti-malware, anti-virus, intrusion prevention & mobile security.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

Tesorion

Tesorion

Tesorion is a fusion of different enterprises each with its own specialisation in the field of cybersecurity. We have combined these specialisations to create an integrated comprehensive solution.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Chainlink

Chainlink

Chainlink expands the capability of smart contracts by enabling access to real-world data and systems without sacrificing the security and reliability guarantees inherent to blockchain technology.

Darkbeam

Darkbeam

Darkbeam provides a unified solution to protect against security, brand and compliance risks across your digital infrastructure.

VC3

VC3

VC3 provides a full range of Information Technology Solutions and Services to hundreds of municipalities and organizations throughout the USA.

Mobb

Mobb

Mobb's AI-powered technology automates vulnerability remediations to significantly reduce security backlogs and free developers to focus on innovation.

Security Compliance Associates (SCA)

Security Compliance Associates (SCA)

The sole focus of SCA is safeguarding critical information and complying with information security regulations.

VirtualMetric

VirtualMetric

VirtualMetric delivers performance-driven IT monitoring and log management solutions that simplify complex environments.

C3iHub

C3iHub

C3iHub was set up to drive technology and skills development on Cyber-Physical Systems (CPS) and associated Cybersecurity technologies.