The practice of stealthily mining cryptocurrency on other people’s devices has beocme pervasive, and overtook ransomware as a tool of choice for extorting money online.
The Check Point Threat Index shows that Coinhive, malware that steals CPU cycles on someone’s device in order to mine cryptocurrencies has become the most prevalent form of malware on the Internet. Add the third most prevalent cryptojacking malware Cryptoloot and this is the No. 1 infection.
Steal someone’s computing power by embedding such code in websites or software, and you can make money. Steal enough, and you can make a lot.
“The problem,” explains Lotem Finkelstein, a threat intelligence analysis team leader at Check Point, “is that [cryptojacking is] simply everywhere—on websites, servers, PCs, and mobile.” Check Point says that it’s affected as many as 55 percent of organizations globally, while security researchers at Wanderaclaiminstances on mobile devices increased by 287 percent between October and November of last year.
And guess what the most-used infection vector is? You got it: phishing.