Hackers Still Favor Cryptojacking Malware Despite Bearish Cryptocurrency Market Conditions

Crypto mining malware still commonplace despite bearish crypto market.

Cryptocurrency mining malware topped the 2018 threat index list. This is according to a report released by Checkpoint. It lists crypto mining malware as the most common and highlights Coinhive as the leading cryptojacking device.

Coinhive is a legitimate Javascript miner that allows website owners to monetize their platforms by harnessing the processing power of devices used by visitors. It has in this instance been classified as malware mainly because of its installation on thousands of websites via exploits and without visitors’ or owners’ consent.

The Javascript software can be set to use a certain percentage of a device’s computing power via the browser. Users on a webpage with the embedded script usually experience a reduction in performance latency. Hardware overheating issues and a lowering of battery life are a few indicators that a machine has been infected. Coinhive is programmed to mine Monero as long as a visitor is on the website.

An analysis via the Publicwww code search engine estimates that over 16,000 websites currently have the Coinhive miner installed.

Early last year when the crypto market was experiencing an unprecedented boom, search statistics indicated that over 50,000 websites were using the Coinhive miner. These figures have gone down in lockstep with the bearish crypto market.

According to the Checkpoint report, the script has affected over 10 percent of all organizations worldwide and has been the top malware for 13 consecutive months now. XMRig, an open source CPU cryptocurrency mining software, took second place in the top ten malware list.

Jsecoin, a browser-based Javascript miner that enables users to mine crypto while enjoying an ad-free experience, came in third. Cryptoloot was in the fourth position. It has striking similarities to Coinhive and allows website owners to use visitors’ computing power to mine Monero. XMRig had an eight percent global reach, according to the report, while JSEcoin had seven percent.

Hackers Also Using CMS Based Exploits

Last year, security researcher Troy Mursch uncovered a cryptojacking campaign that relied on vulnerable versions of the Drupal content management system (CMS) to spread crypto mining malware.

A few major sites got infected, including Lenovo and the San Diego Zoo. Over 400 websites got hacked and had a miner injected. Within the past year, major sites such as The Los Angeles Times, Blackberry, and Showtime have fallen victim to such schemes.

Larger targets are riskier for hackers as most major networks have enhanced website security systems, but the rewards are substantial. The immense traffic offers a tremendous range of possibilities for hackers who can target millions of devices within a short period.

Malicious parties can use Remote Access Trojan (RAT) techniques, for example, to take over millions of infected systems and download a cryptojacking payload. Monero’s pseudonymous features are an additional convenience for hackers, as they can easily get away with their misdeeds.

Hackers Are Becoming More Innovative

According to a recent report released by McAfee, crypto mining malware attacks have increased by over 4,000 percent within the past 12 months. It also indicates that hackers are becoming more innovative in launching attacks.

One exploit that was recently discovered by Remco Verhoef, a security researcher, targeted the Mac OS and involved executing a single line of code to launch the payload.

The hacker broadcasted messages on cryptocurrency chat boards on Slack, Discord, and Telegram asking users to execute a command via Terminal on their Mac to apparently fix a crypto transfer completion bug.

The technique was relatively simple but allowed the hacker to bypass Gatekeeper, which prevents malicious software from executing. Commands run via Terminal are not scrutinized, and this is what makes the hack particularly effective. Once a user executes the command, the hacker is allowed remote access to the computer. The hacker can also install crypto mining malware via the exploit.

Although cryptojacking attacks have increased over the past two years, momentum seems to have subsided as bearish cryptocurrency market conditions prevail.


Newsletter (Sidebar)

  • Hidden
  • This field is for validation purposes and should be left unchanged.


Luna 2.0

Terra to Relaunch: Do Kwon’s Proposal Passes By 65% (LUNA Airdrop)

A proposal to relaunch the Terra blockchain has passed with a wide margin of 65.5% votes in…

Read More

Is USDC Set To Overtake Tether (USDT) Soon?

The stablecoin market has witnessed one of the most unstable moments in its history this month as…

Read More

Institutional Investors Racked Up $274M Worth of Assets Amid Market Crash

The week beginning May 5 and ending May 11 witnessed one of the biggest crashes in the…

Read More


Getting Started Gold Bars.


Terra to Relaunch: Do Kwon’s Proposal Passes By 65% (LUNA Airdrop)

A proposal to relaunch the Terra blockchain has passed with a wide margin of 65.5% votes in favor. The new blockchain is called LUNA 2.0 and will come into existence in the next two days, this May 27. As per the Terra Ecosystem Revival Plan, at least 200 million voted in favor of relaunching the…


Getting Started Gold Bars.


Elizabeth Gail is a crypto-enthusiast and blogger. Her specialties include cryptocurrency news writing and analysis. When not writing about crypto, she’s out taking part in humanitarian endeavors across the world. For any news tips or coverage, you can reach out and engage with her on Twitter at @Lizbarret001. You can also email her at [email protected]