Massive Increase in Mining Malware Reported by Security Firms

In separate reports, security firms have confirmed a massive uptick in websites running mining software both purposely and without their knowledge.

Sites Looking to Boost Revenue

The security vendor Cyren monitored half a million websites over the period of September 2017 through January 2018 finding a 725% increase in domains running mining scripts, with half of that increase happening in just the last two months of 2017.

The value spike in cryptocurrency during the bull run in late 2017 is being singled out as the main cause of the huge increase in websites hosting mining software. Monero, the most widely mined token today, shot up over 250% in price over the four-month time period.

Website operators have looked to mining as a way to supplement advertising income which has been dropping steadily as more and more people install Adblock software on their computers or switch to Facebook.

“Most of the sites we’ve seen are not in the top 10,000 sites globally, but there are instances of top 10,000 sites.” Reported Tinna Thuridur Sigurdardottir a malware analyst at Cyren when talking about the companies findings.

Cryptocurrency miners are also extremely easy to install. For some types it can be as simple as inserting a couple lines of JavaScript into the websites HTML code. It is also that easy for cyber-criminals to install it on unsuspecting user’s machines.

Coinhive’s Monero miner is by far the most prominent in-browser mining software in use. Monero itself is a legitimate token but as the price has gone up hackers have quietly installed the software on everything from government computers to WordPress sites according to Cyrens security report.

Hackers Attack IoT Devices

It’s not only computers that are being attacked though, all manner of smart devices from phones to fridges can be hijacked to mine cryptocurrencies.

Czech based cybersecurity firm Avast ran a demonstration last Wednesday at the Mobile World Congress in Barcelona, Spain, which showed how hackers could make $1,000 every four days by hijacking 15,000 devices.

The demonstration could not reach 15,000 “internet of things” (IoT) devices but based on the model it showed how easily hackers could breach and install mining software through a network. To put the numbers into perspective there are an estimated 8.4 billion IoT devices today but in just two years that number is expected to reach 20 billion.

“This ubiquity of devices combined with the fact they are so easy to attack makes them an attractive target,”

Ondrej Vlcek, the chief technology officer at Avast, told CNBC Wednesday.

The reason that Monero is so readily associated with these types of mining attacks is that the coin is regarded as the most securely anonymous and untraceable among cryptocurrencies and therefore has become the favorite among black hats the world over.

Leave a Comment

Scroll to Top