Global Report: 42% of Companies Hit by Cryptomining Attacks

By Riley ThompsonTechnology News

Check Point: 42% of Companies Worldwide Affected by Cryptomining

Check Point experts have released the February edition of the Global Threat Impact Index, highlighting the most active and dangerous threats and trends of the month. According to analysts, illegal cryptocurrency mining remains a major issue: in February, 42% of companies worldwide were affected by cryptominers.

Researchers identified three different types of malicious miners that made it into the top 10 most active malware for the month. Mining scripts from CoinHive held onto the top spot, impacting one in five organizations globally. Cryptoloot climbed to second place, attacking twice as many companies in February as it did the previous month. Check Point reports that in January, 7% of organizations were affected by Cryptoloot, while in February that number jumped to 16%. Following the cryptominers, the Rig exploit kit ranked third, targeting about 15% of companies worldwide.

“Over the past four months, we have seen a significant increase in the spread of cryptominers. This ongoing threat can seriously slow down PCs and servers,” said Maya Horowitz, Head of Threat Intelligence at Check Point Software Technologies. “Once inside a network, cryptominers can also be used to carry out other malicious activities. That’s why it’s more important than ever for companies to implement a multi-layered cybersecurity strategy that protects against known malware and detects new threats.”

Most Active Malware in February 2018

  • Coinhive — Designed to mine Monero cryptocurrency without the user’s knowledge, directly through the browser when a victim visits an infected website.
  • Cryptoloot — A cryptominer that uses the victim’s CPU or GPU power, as well as other system resources, to mine cryptocurrency.
  • Rig — An exploit kit that has been around since 2014, including exploits for Internet Explorer, Flash, Java, and more.

According to Check Point, the number of attacks on Russian companies in February 2018 remained at the same level. Russia ranked 73rd in the Global Threat Index, with Coinhive and Cryptoloot also among the top three most active malware targeting Russian organizations.

The countries most affected by attacks in February were Botswana, Cameroon, and New Caledonia. The least targeted were Liechtenstein, Guernsey, and Kyrgyzstan. The map below shows the level of cyber threats by country (green — low risk; red — high risk; white — insufficient data).

Leave a Reply