Check Point calls out cryptocurrency mining as the top malware scourge

Check Point

Check Point security’s ‘Most Wanted’ list for December shows the top four Windows malware are crypto miners.

Check Point says that, despite an overall drop in value across all cryptocurrencies in 2018, cryptomining malware makes up half of the top 10 places.

Coinhive remains the most prevalent malware for the 13th consecutive month. It impacts 12% of organisations worldwide.

The Check Point list includes:

 *The arrows relate to the change in rank compared to the previous month.

  • Coinhive – Cryptominer designed to perform online mining of Monero cryptocurrency. It runs from drive-by web pages without the user’s knowledge or approval. The implanted JavaScript consumes significant computational resources to mine coins and might crash the system.
  • XMRig – Open-source CPU mining software used for the mining process of the Monero cryptocurrency. First seen in the wild in May 2017.
  • ↑ Jsecoin – JavaScript miner embedded in websites. With JSEcoin, you can run the miner directly in your browser in exchange for an ad-free experience, in-game currency and other incentives.
  • ↓ Cryptoloot – Cryptominer that uses the victim’s CPU or GPU power and existing resources for cryptomining.
  • Authedmine – Performs online mining of Monero cryptocurrency when a user visits a web page without the user’s knowledge or approval the profits with the user.

What is cryptomining and what does it do to my computer?

Cryptomining malware, or cryptocurrency mining malware or simply cryptojacking, is malware developed to use a computer’s resources for cryptocurrency mining without a user’s explicit permission.

Cybercriminals use cryptomining malware to harness the processing power of large numbers of computers, smartphones and other electronic devices. These generate revenue from cryptocurrency mining. A single cryptocurrency mining botnet can net cybercriminals more than $30,000 per month, according to a recent report from Kaspersky Labs.

Mining uses a lot of processing power, and while a PC can usually withstand prolonged heavy loads, a smartphone cannot.

The worst is Coinhive. It is an off-the-shelf, dark web package that enables website owners to use stealth scripting to force visitors into cryptocurrency mining without any indication to the visitor.
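Because the browser miners in the list above run as JavaScript embedded in a page, a defender can check a site's HTML for script tags that reference them. The following is an added example, not code from Check Point or from this article; matching on the family names as substrings, the names `ScriptCollector` and `find_miner_references`, and the host `miner.example` are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Family names from the list above. Substring matching on the name is an
# assumption of this example, not a vendor-published indicator set.
MINER_KEYWORDS = ("coinhive", "jsecoin", "cryptoloot", "authedmine")


class ScriptCollector(HTMLParser):
    """Collect (kind, text) pairs: external script URLs and inline bodies."""

    def __init__(self):
        super().__init__()
        self.scripts = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            src = dict(attrs).get("src")
            if src:
                self.scripts.append(("src", src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Only text inside <script> counts, so an article that merely names a miner is ignored.
        if self._in_script and data.strip():
            self.scripts.append(("inline", data))


def find_miner_references(html):
    """Return sorted (family, kind) pairs for every keyword hit in a page."""
    parser = ScriptCollector()
    parser.feed(html)
    hits = set()
    for kind, text in parser.scripts:
        hits.update((k, kind) for k in MINER_KEYWORDS if k in text.lower())
    return sorted(hits)


# Constructed sample page; miner.example and the site key are placeholders.
SAMPLE = """<html><head>
<script src="https://miner.example/lib/coinhive.min.js"></script>
<script src="/static/jquery.js"></script>
<script>var m = new CoinHive.Anonymous("SITE_KEY_PLACEHOLDER");</script>
</head><body><p>An article that mentions coinhive in its text.</p></body></html>"""

print(find_miner_references(SAMPLE))
```

A name-based check like this misses renamed or obfuscated copies of a miner script, so it complements CPU-usage monitoring and script-blocking controls and does not replace them.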

Fortnite hack

Check Point also discovered security vulnerabilities in Fortnite’s login process. This could allow a threat actor to take over the account of any user, view their personal account information, purchase virtual in-game currency and eavesdrop on in-game chatter as well as home conversations.

The vulnerability takes advantage of Epic Games’ use of authentication tokens in conjunction with Single Sign-On (SSO) providers such as Facebook, Google, Xbox and others built into Fortnite’s user login process. Always use a login/password – never use SSO.