Skip to Content
Computing

Forget viruses or spyware—your biggest cyberthreat is greedy currency miners

Software that hijacks your computer to mine has become the most popular malware on the planet.
January 19, 2018
Mr. Tech

The practice of surreptitiously mining cryptocurrency on other people’s hardware is becoming pervasive, overtaking ransomware as a tool of choice for extorting money online.

This week, cybersecurity firm Check Point published its regular Global Threat Index. It shows that Coinhive, a piece of software that uses processing power on someone’s device in order to mine cryptocurrency, has become the most prevalent form of malware on the Internet. Another piece of cryptojacking malware, called Cryptoloot, is now the third most prevalent.

The rogue software exploits the way many cryptocurrencies are mined in order to turn a buck. Bitcoin and many of its newer rivals are given as rewards for performing the computationally demanding cryptographic operations that underpin the transaction records of the currencies—a process known as mining. Steal someone’s computing power by embedding such code in websites or software, and you can make money. Steal enough, and you can make a lot (see “Hijacking Computers to Mine Cryptocurrency Is All the Rage”).

“The problem,” explains Lotem Finkelstein, a threat intelligence analysis team leader at Check Point, “is that [cryptojacking is] simply everywhere—on websites, servers, PCs, and mobile.” Check Point says that it’s affected as many as 55 percent of organizations globally, while security researchers at Wandera claim instances on mobile devices increased by 287 percent between October and November of last year.

“It may be becoming a more serious issue than ransomware,” says Finkelstein, referring to attacks like last year’s WannaCry and NotPetya, which lock up computers in exchange for payment.

Other security experts agree. Speaking at a cybersecurity conference in Cambridge, UK, on Thursday, Max Heinemeyer, director of threat hunting at cybersecurity firm Darktrace, said that he has also observed the practice increase massively in recent months. On the sidelines of the event, he told MIT Technology Review that he, too, believes such attacks could overtake ransomware attacks as a global security threat.

That’s because it presents a better return on investment for hackers. Mining cryptocurrency is more likely to guarantee an income: ransomware attacks often go ignored, whether because a user knows they can back up their device, can’t afford the ransom, or doesn’t understand how to pay (ransoms are often payable in cryptocurrency, which many people aren’t familiar with using).

It also allows hackers to make money surreptitiously. Paul Ducklin of the security firm Sophos says that regular antivirus products should help many people identify and remove rogue mining software from their computers. But Heinemeyer explains that Darktrace—which uses artificial intelligence to spot unusual cyberthreats—has recently identified more sophisticated examples of cryptomining software installed on servers and websites that some rule-based threat detection tools wouldn’t spot.

Deep Dive

Computing

child outside a destroyed residential building in Kiev
child outside a destroyed residential building in Kiev

Russia hacked an American satellite company one hour before the Ukraine invasion

The attack on Viasat showcases cyber’s emerging role in modern warfare.

hacked telecom concept
hacked telecom concept

Chinese hackers exploited years-old software flaws to break into telecom giants

A multi-year hacking campaign shows how dangerous old flaws can linger for years.

inflection point post-NSO concept
inflection point post-NSO concept

The hacking industry faces the end of an era

But even if NSO Group is no more, there are plenty of rivals who will rush in to take its place. And the same old problems haven’t gone away.

stock image of robots in a car plant
stock image of robots in a car plant

Transforming the automotive supply chain for the 21st century

Cloud-based tech solutions are helping manufacturers manage a new ecosystem of suppliers with greater agility and resilience.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.