Domains Running Cryptocurrency Mining Scripts Surge 725 Percent
The number of domains with cryptocurrency mining scripts installed has skyrocketed 725 percent in four months, according to a security firm’s research. Approximately 2.7 million users were attacked by malicious crypto miners last year, with the most successful cybercriminals earning millions of dollars.
Domains with Mining Scripts Up 725%
Cyren Security Lab has been tracking websites running cryptocurrency mining scripts globally. The company revealed last week:
Based on the monitoring of a sample of 500,000 sites, we’ve found a 725% increase in the number of domains running [crypto mining] scripts on one or more pages – knowingly or not – in the four-month period from last September to January 2018.
According to Cyren, the number of new sites running crypto mining scripts jumped 3x in October, flattened in November, and skyrocketed in December and January.
“So half the total run-up since September was concentrated in the last two months, suggesting the rate of spread of cryptomining is accelerating,” the firm detailed. About 7,000 out of the sample sites were found running mining scripts during the first month of the year with monero the main crypto being mined.
2.7 Million Users Attacked
Kaspersky Lab researchers shared some data on Monday on crypto mining malware. They discovered that “cybercriminals have started using sophisticated infection methods and techniques” to install mining software, with the most widely used web miner being Coinhive. According to the security firm, 2.7 million users were attacked by malicious miners last year, representing an increase of approximately 50 percent from the previous year, adding:
The most successful groups observed by Kaspersky Lab earned millions of dollars by exploiting their victims in just six months during 2017.
In a recent demonstration at Mobile World Congress in Barcelona, Spain, Avast claimed that “15,000 internet-connected devices could be hacked to mine $1,000 cryptocurrency in 4 days,” CNBC reported. The cybersecurity firm demonstrated that “vulnerable internet-connected devices from security cameras to smartphones can be hijacked by hackers and turned into tools to mine cryptocurrencies.”
While Coinhive is most commonly used by malware creators on unsuspecting victims, an opt-in version exists too. However, Malwarebytes published an analysis of cryptomining malware last week, stating that “the opt-in version of their [Coinhive’s] API was barely used (40K/day) in comparison to the silent one (3M/day)…during the period of January 10 to February 6.”