Mining malware may now be painfully familiar to anyone with even a passing awareness of cryptocurrency, but so far businesses and consumers alike are failing to significantly curb its growing threat.
On May 14, Israeli cybersecurity firm Check Point released its latest Global Threat Index, and for the fifth consecutive month it found that the Coinhive crypto-miner is the “most prevalent malware” in the world, affecting 16 percent of organisations globally.
Meanwhile, Santa Clara-based Malwarebytes released its “Cybercrime tactics and techniques: Q1 2018” report on April 9, finding that businesses had seen a 27 percent increase in mining malware in the first three months of the year compared to the previous three.
However, while the year-on-year growth in the value of cryptocurrencies would indicate that mining malware is going to continue spreading in parallel, there are some emerging signs that organisations at least are coming to terms with the threat posed by malware.
Exploiting basic vulnerabilities
Perhaps more worrying are the means by which mining malware such as Coinhive and Cryptoloot are gaining footholds in IT systems. According to Check Point, hackers are increasingly zeroing in on more basic vulnerabilities, such as unpatched bugs in Microsoft Windows Server 2003 and in Oracle WebLogic.
Of the organisations Check Point surveyed, 46 percent had been attacked in April as a result of the Microsoft Windows Server 2003 vulnerability, while 40 percent had been hit because of the Oracle WebLogic flaw. According to Horowitz: “It is troubling that so many organisations were impacted by these known vulnerabilities, especially as patches for both have been available for at least 6 months.”