Cryptocurrency mining malware topped the 2018 threat index list. This is according to a report released by Checkpoint. It lists crypto mining malware as the most common and highlights Coinhive as the leading cryptojacking device.
An analysis via the Publicwww code search engine estimates that over 16,000 websites currently have the Coinhive miner installed.
Early last year when the crypto market was experiencing an unprecedented boom, search statistics indicated that over 50,000 websites were using the Coinhive miner. These figures have gone down in lockstep with the bearish crypto market.
According to the Checkpoint report, the script has affected over 10 percent of all organizations worldwide and has been the top malware for 13 consecutive months now. XMRig, an open source CPU cryptocurrency mining software, took second place in the top ten malware list.
Hackers Also Using CMS Based Exploits
Last year, security researcher Troy Mursch uncovered a cryptojacking campaign that relied on vulnerable versions of the Drupal content management system (CMS) to spread crypto mining malware.
A few major sites got infected, including Lenovo and the San Diego Zoo. Over 400 websites got hacked and had a miner injected. Within the past year, major sites such as The Los Angeles Times, Blackberry, and Showtime have fallen victim to such schemes.
Larger targets are riskier for hackers as most major networks have enhanced website security systems, but the rewards are substantial. The immense traffic offers a tremendous range of possibilities for hackers who can target millions of devices within a short period.
Malicious parties can use Remote Access Trojan (RAT) techniques, for example, to take over millions of infected systems and download a cryptojacking payload. Monero’s pseudonymous features are an additional convenience for hackers, as they can easily get away with their misdeeds.
Hackers Are Becoming More Innovative
According to a recent report released by McAfee, crypto mining malware attacks have increased by over 4,000 percent within the past 12 months. It also indicates that hackers are becoming more innovative in launching attacks.
One exploit that was recently discovered by Remco Verhoef, a security researcher, targeted the Mac OS and involved executing a single line of code to launch the payload.
The hacker broadcasted messages on cryptocurrency chat boards on Slack, Discord, and Telegram asking users to execute a command via Terminal on their Mac to apparently fix a crypto transfer completion bug.
The technique was relatively simple but allowed the hacker to bypass Gatekeeper, which prevents malicious software from executing. Commands run via Terminal are not scrutinized, and this is what makes the hack particularly effective. Once a user executes the command, the hacker is allowed remote access to the computer. The hacker can also install crypto mining malware via the exploit.
Although cryptojacking attacks have increased over the past two years, momentum seems to have subsided as bearish cryptocurrency market conditions prevail.
Never Miss Another Opportunity! Get hand selected news & info from our Crypto Experts so you can make educated, informed decisions that directly affect your crypto profits. Subscribe to CoinCentral free newsletter now.