Cryptominers still most active threat to firms

NEW DELHI: While some of the big cryptomining services such as Coinhive have shut down operations, cryptominers are still the most prevalent malware aimed at organisations especially on Cloud environments, a new report by Israel-based cyber security firm Check Point said on Wednesday.

Last month, both Coinhive and Authedmine stopped their mining services.

“For the first time since December 2017, Coinhive dropped from the top position but, despite having only operated for eight days in March, it was still the sixth most prevalent malware to affect organisations during the month.

At its peak, Coinhive impacted 23 per cent of organisations worldwide.

“With cryptocurrencies’ values dropping overall since 2018, we will be seeing more cryptominers for browsers following Coinhive’s steps and ceasing operation,” said Maya Horowitz, Threat Intelligence and Research Director at Check Point.

“However, I suspect that cyber criminals will find ways to earn from more robust cryptomining activities, such as mining on Cloud environments, where the built-in auto-scaling feature allows the creation of a larger haul of cryptocurrency,” Horowitz said in a statement.

Organisations have been asked to pay hundreds of thousands of dollars to their Cloud vendors for the compute resources used illicitly by cryptominers.

Many websites still contain the Coinhive JavaScript code though with no mining activity taking place.

Check Point’s “ThreatCloud Map” database holds over 250 million addresses analysed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.