Crypto Mining Malware Hits Business

Crypto-mining malware continues to impact organisations globally as 23% were affected by the Coinhive variant during January 2018, according to Check Point’s latest Global Threat Impact Index.

Researchers discovered three different variants of crypto-mining malware in its Top 10 most prevalent ranking, with Coinhive ranking first, impacting more than one-in-five organisations

Coinhive performs online mining of Monero crypto-currency when a user visits a web page without the user’s approval. The implanted JavaScript then uses the computational resources of the end user’s machines to mine coins, impacting system performance.

“Over the past three months, crypto-mining malware has steadily become an increasing threat to organisations, as criminals have found it to be a lucrative revenue stream,” said Maya Horowitz, Threat Intelligence Group Manager at Check Point. 

“It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organisations have the solutions in place that protect against these stealthy cyber-attacks.”

In addition to crypto-miners, researchers also discovered that 21% of organisations have still failed to deal with machines infected with the Fireball malware. 

Fireball can be used as a full-functioning malware downloader capable of executing any code on victims’ machines. It was first discovered in May 2017, and severely impacted organisations during Summer of 2017.

In January, crypto-mining malware continued to be the most prevalent with Coinhive retaining its most wanted spot impacting 23% of organizations, followed by Fireball in second and Rig Exploit Kit in third impacting 17% of organisations.
January 2018’s top 3 most wanted malware

1. Coinhive – Crypto-Miner designed to perform online mining of Monero crypto-currency when a user visits a web page without the user’s approval.
2. Fireball – Browser-hijacker that can be turned into a full-functioning malware downloader.
3. Rig ek – Rig delivers Exploits for Flash, Java, Silverlight and Internet Explorer

Lokibot, an Android banking Trojan, was the most popular malware used to attack organisations’ mobile estates followed by the Triada and Hiddad.

January 2018’s top 3 most wanted mobile malware

1. Lokibot – Android banking Trojan and info-stealer, which can also turn into a ransomware that locks the phone.
2. Triada – Modular Backdoor for Android which grants super user privileges to downloaded malware.
3. Hiddad – Android malware which repackages legitimate apps then releases them to a third-party store.

Help Net Security:

You Might Also Read:

Crypto-Mining Is A Growing Epidemic:

Mining Bitcoin Just Halved:
 

 

« Slingshot: Avoiding Sophisticated Cyber Espionage
Russia Can Disconnect From The Internet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Astra

Astra

Astra's website security solution provides real-time protection against malware, hackers, SQLi, XSS, DDoS, LFI and RFI.

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

Norton

Norton

NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of approximately 50 million consumers.

Skurio

Skurio

Skurio create cost-effective, intuitive and powerful Cloud based solutions to identify threats, detect data breaches outside the network and automate the response.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

TeskaLabs

TeskaLabs

TeskaLabs is a software vendor of cybersecurity and data privacy products.

Hub One

Hub One

Hub one is a leading player in digital transformation with expertise in broadband connectivity, business solutions for traceability and mobility, IOT in industrial environments and cybersecurity.

Adarma Security

Adarma Security

Adarma are specialists in threat management including SOC design, build & operation.

AirITSystems

AirITSystems

AirITSystems offer companies comprehensive IT security solutions that take all security considerations into account and are tailored to your business.

Swissbit

Swissbit

Swissbit AG is the leading European manufacturer of storage, security and embedded IoT solutions for demanding applications.

Hayes Connor Solicitors

Hayes Connor Solicitors

Hayes Connor Solicitors is a specialist data breach and cybercrime law firm. We act for clients on individual data breaches and also where a group has been compromised as part of a targeted attack.

Zuul IoT

Zuul IoT

Zuul take an asset-centric approach to OT security, enabling security teams to protect the critical IIoT/IoT devices that are at the foundation of critical business functions.

Arctic Group

Arctic Group

Arctic Group is a Swedish service provider focusing on cybersecurity, integration services and deployment of software development tools.

Tarlogic

Tarlogic

Tarlogic works to protect and defend your security with the highest quality technical team with next generation solutions to achieve the best protection.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

Sonet.io

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.