Cryptocurrency Malware CoinHive becomes the 6th most common Malware

CoinHive, the cryptocurrency miner that made the news in September when it was discovered that the EITest campaign was using it to trick victims into paying for their services or handing out financial data via tech support scams.  However, a new report from coindesk.com reveals that the malware is becoming more widespread as it reaches 6th place on the list of most common malware in the world.

CoinHive works by providing website owners and operators a Javascript code that they can embed into their site. What this code does is that it covertly uses the website visitor’s processing power to mine the Monero cryptocurrency. This give both sides mutual benefits, as CoinHive keeps a portion of the mined amount, while the website owner keeps the rest. Unfortunately for website visitors, they won’t know that their processor is being used without their knowledge. While Coinhive itself is a legitimate company, its rather dubious method of operation often lends itself to abuse by malicious threat actors.

While Cryptomining malware is still not as well known as other malware like ransomware, the report from Coindesk is alarming as it shows that this threat is growing fast.   Stealthy and non-intrusive are attributes of cryptocurrency mining that might be helping in its rapid growth.  Decreased performance and latency caused by the cryptocurrency malware are annoying but can be hard to pinpoint as the cause.  Also, with multiple infected systems, the miner essentially gains more and more personal miners for himself without the computer owner’s knowledge.

Defending against CoinHive

Users who want to prevent CoinHive from using their resources may do the following:

  • Block Javascript-based applications from running on their browsers
  • Implementation of best practices to avoid engineered schemes such as the EITest campaign
  • Regularly update and patch your software (especially on your browsers)

Users should also look into effective security solutions such as Trend Micro™ Smart Protection Suites and Worry-Free™ Business Security, which protect end users and businesses from threats by detecting and blocking malicious files and all related URLs. Trend Micro™ Smart Protection Suites deliver several capabilities like high fidelity machine learning, web reputation services, behavior monitoring and application control that minimize the impact of this cryptocurrency miners and other threats.

Learn more about Trend from our Product page or contact us at 893-9515!

One Response

Leave a Reply

Your email address will not be published. Required fields are marked *