Cryptocurrency mining malware topped the 2018 threat index list, according to a report published by Check Point. The report lists cryptomining malware as the most common malware and highlights Coinhive as the leading cryptominer.
Coinhive is a legitimate JavaScript miner that allows website owners to monetize their platforms by using the processing power of visitors' devices. In this case it was classified as malware mainly because it was installed on thousands of websites through exploits, without the consent of visitors or owners.
The JavaScript software can be set to use a certain percentage of a device's computing power via the browser. Users on a web page with the embedded script usually experience reduced performance and increased latency. Hardware overheating and shortened battery life are some of the indicators that a machine has been affected. Coinhive is programmed to mine Monero for as long as a visitor is on the website.
An analysis using the Publicwww code search engine estimates that over 16,000 websites currently have the Coinhive miner installed.
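A site owner can run the same kind of source check against their own pages. The following is an added example, not code from the original article or from the report it cites: the signature list is an assumption limited to names the Coinhive loader and API were commonly seen under, the sample pages are constructed, and `audit_page` is a hypothetical helper name. It also reads the miner's `throttle` option (the fraction of time the miner idles) to report the CPU share the script requests.

```python
import re
from html.parser import HTMLParser

# Assumed signatures: names the Coinhive loader and API were commonly seen under.
SIGNATURES = {
    "coinhive-loader": re.compile(r"coinhive(\.min)?\.js", re.I),
    "coinhive-api": re.compile(r"\bCoinHive\.(Anonymous|User|Token)\s*\(", re.I),
}
# throttle = fraction of time the miner idles; absent means no throttling.
THROTTLE = re.compile(r"throttle\s*:\s*([01](?:\.\d+)?|\.\d+)")

class ScriptCollector(HTMLParser):
    """Collect external script URLs and inline script bodies from a page."""
    def __init__(self):
        super().__init__()
        self.sources, self.inline, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)
            self._in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and data.strip():
            self.inline.append(data)

def audit_page(html):
    """Return matched signature names and the CPU share the miner config requests."""
    collector = ScriptCollector()
    collector.feed(html)
    text = "\n".join(collector.sources + collector.inline)
    hits = sorted(name for name, rx in SIGNATURES.items() if rx.search(text))
    cpu_share = None
    if hits:
        m = THROTTLE.search(text)
        cpu_share = round(1 - float(m.group(1)), 2) if m else 1.0
    return {"hits": hits, "cpu_share": cpu_share}

# Constructed sample pages (the site key is a placeholder).
INFECTED = ('<script src="https://coinhive.com/lib/coinhive.min.js"></script>'
            "<script>new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER', {throttle: 0.3}).start();</script>")
CLEAN = '<script src="/static/app.js"></script><p>news</p>'
if __name__ == "__main__":
    print(audit_page(INFECTED), audit_page(CLEAN))
```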
At the beginning of last year, when the cryptocurrency market was experiencing an unprecedented boom, search statistics indicated that over 50,000 websites used the Coinhive miner. These figures fell sharply in the bear market.
According to the Check Point report, the script hit more than 10 percent of all organizations worldwide and was the top malware for 13 consecutive months. XMRig, open-source software for CPU cryptocurrency mining, ranked second in the top ten list of malware.
JSEcoin, a browser-based JavaScript miner that allows users to mine cryptocurrency while enjoying an ad-free experience, came third. Cryptoloot was in fourth position. It has striking similarities with Coinhive and allows website owners to use the computing power of visitors to mine Monero. XMRig had an overall coverage of eight percent, according to the report, while JSEcoin was at seven percent.
Hackers also use CMS-based exploits
Last year, security researcher Troy Mursch discovered a cryptojacking campaign that used vulnerable versions of the Drupal content management system (CMS) to spread cryptomining malware.
Some important sites were infected, including Lenovo and the San Diego Zoo. Over 400 websites were compromised and had miners injected. In the last year, major sites such as The Los Angeles Times, blue raspberry, and Showtime fell victim to these schemes.
Bigger targets are riskier for hackers because most major networks have enhanced website security systems, but the benefits are considerable. The immense traffic offers an extraordinary range of possibilities for hackers, who can target millions of devices in a short period of time.
Malicious parties can use remote access Trojan (RAT) techniques, for example, to detect millions of infected systems and download a cryptomining payload. Monero's pseudo-features are a further convenience for hackers, as they can easily get away with their misdeeds.
Hackers are becoming more innovative
According to a recent report published by McAfee, cryptomining malware attacks have increased by over 4,000 percent in the last 12 months. The report also indicates that hackers are becoming more innovative in launching attacks.
An exploit recently discovered by Remco Verhoef, a security researcher, targeted the Mac operating system and involved the execution of a single line of code to initiate the payload.
The hacker sent messages in cryptocurrency chats on Slack, Discord and Telegram asking users to execute a command via Terminal on their Mac, supposedly to correct an error in completing a cryptocurrency transfer.
The technique was relatively simple but allowed the hacker to bypass Gatekeeper, which prevents malicious software from running. Commands executed through Terminal are not examined, and this is what makes the hack particularly effective. Once a user executes the command, the hacker can access the computer remotely. The hacker can also install cryptomining malware through exploits.
Although cryptojacking attacks have increased in the last two years, the momentum seems to have eased while bearish cryptocurrency market conditions prevail.