March 5, 2018 By Shane Schick 2 min read

According to new research, the number of domains hosting cryptocurrency mining scripts jumped 725 percent over a four-month period at the end of 2017. This drain on computing resources may go hand in hand with malware threats.

Mining Scripts Multiplying in 2018

Internet security firm Cyren analyzed data based on a scan of 500,000 websites, some of which may have been running cryptocurrency mining scripts without their owners’ knowledge. In fact, the number of sites supporting the mining of cryptocurrencies such as Monero doubled month over month in December 2017 and again in January 2018, which could indicate that such activities are ramping up significantly, according to the report.

There’s more at stake here than just degraded CPU performance. As Dark Reading pointed out, cybercriminals could embed a malicious executable file to be activated at a later date using the same code. CoinHive is among the miners that are easiest to obtain, but the propensity for misuse is making it a target for tools that normally scan machines for traditional malware and other threats.

Cryptocurrency Mining: A Lucrative Threat

Almost anything is at risk for attack when it comes to harnessing power for cryptocurrency mining. Around the time that Cyren published its research, NewsBTC reported, Avast showed how cryptocurrency mining scripts could be injected into smartphones and connected home devices at Mobile World Congress. The firm demonstrated that cybercriminals could earn as much as $1,000 in four days by taking over 15,000 Internet of Things (IoT) devices.

Another option is to look for a big-name target with lots of computing power at its disposal. That is likely what prompted fraudsters to hijack an Amazon Web Services account owned by car manufacturer Tesla, as reported by Fortune.

As the market for cryptocurrency heats up, organizations are likely to see more incidents like these with even more dire consequences.

More from

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

4 ways to bring cybersecurity into your community

4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept of a culture of cybersecurity and take it from where it currently stands as an organizational responsibility to a global perspective.When every person who uses technology — for work, personal use and school — views cybersecurity as their responsibility, it…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today