Coinhive Keeps Mining Cryptocurrency via Unsuspecting Organizations

Malware continues to mine cryptocurrencies through the CPUs of unsuspecting users.

Coinhive continues to mine cryptocurrencies using the computers and gadgets of unsuspecting organizations, the latest research by cybersecurity solutions provider Check Point Software Technologies has shown.

Check Point’s Global Threat Impact Index reveals that Coinhive still plagues global organizations, with 23% affected by the crypto mining malware in January this year.

Maya Horowitz, manager of Check Point’s Threat Intelligence Group, stated:

“Over the past three months, cryptomining malware has steadily become an increasing threat to organizations, as criminals have found it to be a lucrative revenue stream. It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organizations have the solutions in place that protect against these stealthy cyber-attacks.”

Researchers at Check Point identified three different variants of active crypto mining malware, Coinhive being the most active. The top three “most wanted” malware pieces are Coinhive (built to do online mining of the digital currency Monero when a user visits a particular website),  Fireball (designed to hijack a browser and turn it into a full-functioning downloader of malware), and Rig ek (malware that delivers exploits for Java. Flash, Internet Explorer, and Silverlight).

Coinhive malware

Last month, a flight-bound security researcher calling himself “Elliot Alderson” discovered a crypto mining malware attach while making some script and found that some APKs were
infected with the Coinhive mining script.

Those affected were Android devices that were being used as crypto mining tools without the knowledge of their owners. Aside from using the CPUs, Coinhive is also dangerous because it reduces the lifespan of batteries, drains system resources, and heats devices to a high temperature
even during normal use.

The largest infection of crypto mining malware was reported by UK security researcher Scott Helme about a week ago, when he noted that more than 5,000 websites in Australia, the UK, and the US were hijacked to force the computers of visitors to mine Monero.

Helme told Sky News:

“This type of attack isn’t new – but this is the biggest I’ve seen. A single company being
hacked has meant thousands of sites impacted across the UK, Ireland and the United States.  Someone just messaged me to say their local government website in Australia is using the software as well.”

Source: Read Full Article

Leave a Reply