Mining Malware may now be painfully familiar to anyone with even a passing awareness of cryptocurrency, but so far businesses and consumers alike are failing to significantly curb its growing threat.

On May 14, Israeli cybersecurity firm Check Point released its latest Global Threat Index, and for the fifth consecutive month it found that the Coinhive crypto-miner is the “most prevalent malware” in the world, affecting 16 percent of organizations globally.

Meanwhile, Santa Clara-based Malwarebytes released its Cybercrime tactics and techniques: Q1 2018 report on April 9, finding that businesses had seen a 27 percent increase in mining malware in the first three months of the year compared to the previous three.

However, while the year-on-year growth in the value of cryptocurrencies would indicate that mining malware is going to continue spreading in parallel, there are some emerging signs that organizations at least are coming to terms with the threat posed by malware.

Exploiting basic vulnerabilities
Check Point’s latest report is more worrying than its headline alone would suggest. Not only does Coinhive – a Javascript malware designed to mine Monero (XMR) – occupy the top spot on April’s list of the ten “most wanted” malware, but second place is taken by Cryptoloot, another stealthy, undetectable miner of XMR. Similar to Coinhive, Cryptoloot has been around for several months, having entered the top ten in December 2017, when Coinhive first claimed the number one spot.

Perhaps more worrying are the means by which mining malware such as Coinhive and Cryptoloot are gaining footholds in IT systems. According to Check Point, hackers are increasingly zoning in on more basic vulnerabilities, such as unpatched bugs in Microsoft Windows Server 2003 and in Oracle Web Logic. Maya Horowitz, Check Point’s Threat Intelligence Group Manager, explained:

The post Mining Malware Continues To Dominate Cybersecurity Threats By Seeking Out New Vulnerabilities appeared first on SecuriThings.