Cryptomining malware tops January's 'most wanted' list

Malware seeking to steal processor time for crypto currency mining continues to be a problem, with 23 percent of organizations globally affected by a Coinhive variant in January.

These findings come from a study by Check Point which discovered three different variants of cryptomining malware in its top 10 most prevalent listing, with Coinhive ranking first.

Coinhive performs online mining of the Monero cryptocurrency when a user visits a web page. It uses implanted JavaScript that uses the computational resources of the user’s machine to mine coins, impacting system performance.

In addition to cryptominers, Check Point researchers also discovered that 21 percent of organizations have still failed to deal with machines infected with the Fireball malware. Fireball can be used as a malware downloader capable of executing any code on victims' machines. It was first discovered in May 2017, and severely impacted organizations during the summer of last year.

"Over the past three months cryptomining malware has steadily become an increasing threat to organizations, as criminals have found it to be a lucrative revenue stream," says Maya Horowitz, threat intelligence group manager at Check Point. "It is particularly challenging to protect against, as it is often hidden in websites, enabling hackers to use unsuspecting victims to tap into the huge CPU resource that many enterprises have available. As such, it is critical that organizations have the solutions in place that protect against these stealthy cyber-attacks."

In the mobile world Lokibot, an Android banking Trojan, was the most popular malware used to attack organizations' mobile systems in January followed by the Triada backdoor and the Hiddad malware which repackages legitimate apps then releases them to a third-party store.

More detail on the findings is available on the Check Point blog.

Image credit: FabreGov / Shutterstock