An Unprecedented CryptoJacking Boom
According to analysis via the Publicwww code search engine, there are over 16,000 websites infected with the Coinhive miner. At the start of last year, when the crypto market was experiencing unprecedented growth, statistics revealed that over 50,000 sites were using the software. This year, the figures have dwindled given the current bear market. Checkpoint goes on to state that Coinhive has affected over 10% of global organizations. It also mentions the fact that Coinhive has been the number one mining malware for 13 months straight. The other contenders for the top spot of cryptojacker include Cryptoloot, Jsecoin, and XMRig.
Hackers Using CMS-Based Exploits
In 2018, security researcher, Troy Mursch exposed a cryptojacking scheme that took advantage of vulnerable versions of the Drupal CMS to spread mining malware. A few major sites were infected, including the San Diego Zoo and Lenovo. Other popular sites such as the Los Angeles Times, Showtime, and Blackberry had also fallen victim to the malware. In total, over 400 websites were exposed. The harsh reality of having popular sites becoming infected is that they enjoy enormous traffic numbers and thus the risk of spreading malware to millions of devices is higher. Moreover, crypto hackers can remotely access their mined coins and withdraw all mined coins without breaking a sweat.
Hackers are Becoming Sophisticated
In the past year, according to a McAfee report, mining malware attacks have increased by over 4,000%. This reveals how sophisticated and driven hackers are at conducting attacks. Crypto researcher Remco Verhoef made the most recent discovery: Remco found out that a particular mining malware targeted the Mac OS. The technique for getting the malware to the Mac was straightforward. The hacker would broadcast messages on crypto chat boards via their Mac to fix a crypto transfer completion bug. Once a user executed this command, the hacker would gain access to the computer and install crypto mining malware remotely.
The Bottom Line
While preventing cryptojacking may be a difficult challenge, some healthy cyber practices can keep it at bay. For instance, never click on links you don’t trust. Also, don’t be fooled by any HTTPS site. It may be infected as well. Your best bet is installing anti-phishing software, an adblocker, and an antivirus. These may help minimize the risk of falling for hidden mining malware. Although cryptojacking cases have increased over the last two years, figures reveal that attacks have actually slightly subsided in terms of annual percentage increases. The most likely explanation for this is the bearish trend that the crypto market has been stuck in for some time now, meaning these figures are bound to rise once we hit a bull run. This shows that there’s both good and bad with everything, so stay safe out there!