Cryptojackers remain biggest malware threat

Getting your Trinity Audio player ready...

Cryptocurrency mining remains the most prevalent use for malware distribution, according to the latest study by Check Point Software Technologies Ltd.

The cybersecurity solutions provider’s Global Threat Index for December 2018 showed Coinhive retaining the top spot among malware for the 13th straight month, and is said to impact 12% of organizations worldwide.

XMRig, first reported in May 2017, placed second in the list, with a global reach of 8%. Both Coinhive and XMRig are used to mine the Monero cryptocurrency without a user’s awareness or approval.

At number three is another miner, JSEcoin, with a global impact of 7%.

Check Point said in its press release, “Organizations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.” Perhaps this indicates longer-term bullish sentiment in the sector.

The company’s Threat Intelligence and Research Group Manager Maya Horowitz noted that the top 10 in the ‘Most Wanted’ malware was divided among miners, and malware for other purposes. “The diversity of the malware in the Index means that it is critical that enterprises employ a multi-layered cybersecurity strategy that protects against both established malware families and brand new threats,” she said.

A new entry in the top 10, coming in at the number 9 spot, is SmokeLoader, used to load other malware and known to researchers since 2011. It recently spread, in two campaigns, in Ukraine and Japan. “[T]he malware, which includes mining, info stealing, email/form grabbing and keylogging plugins, is sold exclusively to Russian speakers,” a Check Point blog post read.

The data culled by Check Point is from 250 million addresses inspected for bots, 11 million malware signatures, and more than 5.5 million infected websites.

Monero has long been mined via so-called cryptojackers. Last November, McAfee Labs announced the prevalence of WebCobra, said to be Russian in origin.

A recent study from researchers in Madrid and London claim that about $33 million worth of Monero, constituting 4.32% of the cryptocurrency in circulation, has been mined illegally through hacks.

McAfee Labs reported last December that mining malware has increased in the four quarters ending September 2018, by 4,467%.