Cryptocurrency mining threat to business can't be ignored, warns report

Malware designed to mine Monero on the increase

Bitcoin cryptocurrency mining

Companies are increasingly being attacked by mining malware looking to extract Monero cryptocurrency, a new report has warned.

According to the GTIC Monero Mining Malware report, published by NTT Security, the cryptocurrency is being mined as it allows hackers the greatest amount of anonymity.

Researchers at NTT Security's Global Threat Intelligence Center (GTIC) found around 12,000 Monero mining malware samples, with the earliest dating back to March 2015. They also discovered that 66% of the samples were submitted from November to December 2017, indicating a substantial increase in the use of coin mining malware.

Around 40% of global internet traffic and data from a wide range of threat intelligence sources were analysed by researchers. Based on this data, they found that cyber criminals are using phishing emails as the primary vector to gain a foothold on a targeted system, which attackers can then leverage to mine Monero with the victim's resources.

Advertisement - Article continues below

The discovery of coin miners in a network environment suggests that more malicious activity could also exist there, such as backdoors and unpatched vulnerabilities. The company also found that legitimate coin mining services, such as Coinhive, could be abused and injected into mobile games and websites.

The report also found that Amazon Web Services was hosting a significant amount of Coinhive JavaScript (JS) in web pages published on its platform. Additionally, the researchers discovered that Germany and the United States lead the globe with the most IPs hosting websites with Coinhive JS.

Advertisement
Advertisement - Article continues below

"Monero mining malware is installed on the victim's computer or smartphone without their knowledge and, once installed, it uses the victim's computing resources and electricity supply to mine cryptocurrencies. The rewards go directly to the hacker, not the owner of the computer. Device owners might not suspect a thing," said Terrance DeJesus, threat research analyst at NTT Security.

DeJesus added that organisations mustn't ignore the threat of mining malware. "The impact of an attack can go well beyond performance issues. Mining costs organisations money, impacts the environment and causes reputational damage. It could also be indicative of more problems in the network," he added.

Advertisement

Recommended

Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020
Visit/security/internet-security/355228/mozilla-fixes-two-firefox-zero-days-being-actively-exploited
internet security

Mozilla fixes two Firefox zero-days being actively exploited

6 Apr 2020
Visit/security/hacking/355227/65-country-coronavirus-team-protects-the-technological-infrastructure-of
hacking

Cyber security experts form coronavirus taskforce to combat ransomware attacks

3 Apr 2020

Most Popular

Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/security/privacy/355211/google-releases-location-data-to-showcase-effectiveness-of-coronavirus
privacy

Google releases location data to show effectiveness of coronavirus lockdowns

3 Apr 2020