Cryptojacking Has Become One of the Top 10 Biggest Threats – 55% of Businesses Affected
The end of 2017 saw cryptocurrency taking over our digital lives. From soaring coin values to people losing millions of dollars in targeted attacks on wallets, and even getting kidnapped for their bitcoins - the criminal world's focus visibly shifted to leverage this popularity. We also saw a number of reports where billions of users were targeted by attackers who were trying to use their system resources to mine for digital currency. According to security researchers, cryptojacking malware has become so popular that it's now in the list of top ten most prevalent malware variants.
Cryptojacking impacted 55% of businesses globally; used as much as 65% of the users’ CPU power
"Crypto-mining malware refers to cybercriminals hijacking the victim’s CPU or GPU power and existing resources to mine cryptocurrency," Check Point researchers wrote in their latest report. They revealed that "crypto-miners managed to impact 55% of organizations globally, with two variants in the top three list of malware and ten different variants in the expanded top 100."
Coinhive, which is a legitimate mining tool but is predominantly used by the criminal community, became the most prevalent threat. Following it is the Rig ek exploit kit at the second position and a new tool called Cryptoloot - again, legitimate - is in the third.
In the previous reports, we have seen even the legitimate websites using these miners to earn extra money through their visitors' resources. In some cases, the website operators don't even have a clue if this is happening as from advertisers to hackers, several agents are trying to cash top websites' popularity. But, some of the biggest names have been seen intentionally injecting crypto-miners without informing their visitors - which is how the legitimate miners are supposed to work.
"Check Point found that cryptocurrency miners have intentionally been injected into some top websites, mostly media streaming and file sharing services, without notifying the users," the research said. "While some of this activity is legal and legitimate, the tools can be hacked to dominate more power and generate more revenue, using as much as 65% of the end-users’ CPU power."
While crypto-mining was supposed to be an alternative to the online ad industry - help the publishers make money and enable visitors to get rid of annoying ads - it has turned into one of the biggest threats taking over user systems without permission and then using over 60% of their resources. CheckPoint said that it is very likely that this trend will continue to gain steam over the next few months as both the legitimate websites who are losing revenues thanks to ad-blocking software and threat actors are turning to crypto-mining malware as a new way to make money.
- As noted in our previous posts, you can use AntiMiner and No Coin Chrome extensions to block sites running the Coinhive script. Some ad-blockers are also offering this functionality for other mining scripts, as well.