The three most prevalent threats plaguing the internet have been found to be cryptocurrency miners.
In its latest analysis of the internet’s most pressing malware hazards, cybersecurity group Check Point ranked the supposedly neutral Monero-mining script CoinHive in first place – for the thirteenth month in a row, reports ZDNet.
Open-source Monero-mining software XMRig was named the second most prevalent, followed by browser-embeddable cryptocurrency miner JSECoin, known as a direct competitor of CoinHive.
Check Point analysts noted CoinHive for impacting 12 percent of organizations worldwide, while XMRig and JSECoin were found reaching 8 and 7 percent respectively.
CoinHive and JSECoin generally work in the same way. They are small pieces of code which can be placed inside websites that use the computing power of the visitor to mine cryptocurrency.
In the case of CoinHive, it mines the anonymity-focused cryptocurrency Monero. While many non-profit organizations have employed CoinHive to convert vistors’ computing power into charitable donatons, hackers have used it to force more than 400,000 routers around the world to mine Monero surreptitiously.
Indeed, cryptojacking with CoinHive is so lucrative that at one point last year, academics from Germany’s RWTH Aachen University determined the script was directly responsible for generating $250,000 every single month.
The XMRig “malware” is a little bit different. It’s actually stock-standard software utilized by the Monero community, publicly available on GitHub.
But cyberbaddies have exploited its accessibility. Researchers found a startling number of “droppers,” which are special Trojan horse viruses, were automatically downloading XMRig to be run on machines while the user was unaware.
This led to GitHub being named specifically as the number one site for hosting cryptocurrency mining malware, with current estimates suggesting cryptojackers have earned roughly $1.2 million per month over the past four years.