Cryptocurrency mining malware topped the 2018 threat index list, according to a report published by Check Point. The report lists cryptomining malware as the most common threat and highlights Coinhive as the leading cryptominer.
An analysis using the Publicwww code search engine estimates that over 16,000 websites currently have the Coinhive miner installed.
At the beginning of last year, when the cryptocurrency market was experiencing an unprecedented boom, search statistics indicated that over 50,000 websites used the Coinhive miner. These figures fell sharply during the bear market.
According to the Check Point report, the script hit more than 10 percent of all organizations worldwide and was the top malware for 13 consecutive months. XMRig, open-source CPU cryptocurrency mining software, ranked second in the top ten malware list.
Hackers also use CMS-based exploits
Last year, security researcher Troy Mursch discovered a cryptojacking campaign that relied on vulnerable versions of the Drupal content management system (CMS) to spread cryptomining malware.
Some prominent sites were infected, including Lenovo and the San Diego Zoo. Over 400 websites were breached and had miners injected. In the last year, major sites such as The Los Angeles Times, BlackBerry, and Showtime have fallen victim to these schemes.
Bigger targets are riskier for hackers because most major networks have enhanced website security systems, but the benefits are considerable. The immense traffic offers an extraordinary range of possibilities for hackers, who can target millions of devices in a short period of time.
Malicious parties can use remote access Trojan (RAT) techniques, for example, to detect millions of infected systems and download a cryptomining payload. Monero's pseudo-anonymity features are a further convenience for hackers, as they can easily get away with their misdeeds.
Hackers are becoming more innovative
According to a recent report published by McAfee, cryptomining malware attacks have increased by over 4,000 percent in the last 12 months. The report also indicates that hackers are becoming more innovative in launching attacks.
An exploit that was recently discovered by Remco Verhoef, a security researcher, targeted the Mac operating system and involved the execution of a single line of code to initiate the payload.
The hacker posted messages in cryptocurrency chat groups on Slack, Discord and Telegram asking users to execute a command via Terminal on their Mac, apparently to correct an error completing a cryptocurrency transfer.
The technique was relatively simple but allowed the hacker to bypass Gatekeeper, which prevents malicious software from running. Commands executed through Terminal are not examined by Gatekeeper, and this is what makes the hack particularly effective. Once a user executes the command, the hacker is able to access the computer remotely. The hacker can also install cryptomining malware through exploits.
Although cryptojacking attacks have increased in the last two years, the momentum seems to have eased while bearish conditions prevail in the cryptocurrency market.