Last year, researchers sounded the alarm about the looming epidemic cryptogamia or so called covert mining. Now the number of cases is steadily declining. Recall that cryptogenic is when the attackers (a few site owners or web masters) used on the sites of special scriptsthat are remotely CPU of your computer and earn for Scam cryptocurrency. It should be noted, sometimes site owners are not aware that their life is infected, as hackers find loopholes and inject scripts into pages without them knowing.
Check Point, which specializiruetsya on cryptobatrachus, conducted new research and shared its results. According to the report, in the first half of last year, 42 percent of organizations worldwide have been infected by programs for covert mining. During the same period this year, the infestation recorded in only 26 percent of companies. That is, the downward trend is obvious.
In the study, experts managed to talk with the chief scientific officer Bad Packets, Troy Mortem. His company also deals with security issues in the network and tracks the threat of cryptogamia. Hidden mining no longer brings the criminals to the desired profit, because the price of crypto-currencies are unable to recover to previous highs.
We already wrote that the number of cases started to decrease immediately after closure of the service for covert mining Coinhive in February of this year. Specialists Check Point also noted this event as one of the important factors. Given the ambiguous reputation cryptogamia and their methods, Coinhive positioned itself as an option for owners of websites to earn money without impacting the visitors of the annoying advertising. The main problem is that large businesses did not take these methods seriously. But a clever script, very fancy, the hackers who began to build it in all sites with a weak defense.
In the end, after an unexpected closure Coinhive, hackers switched to CryptoLoot is one of the popular counterparts. For the first half of 2019 from CryptoLoot affected 7.2 percent of companies in the world.
Cryptogenic is not the same
According to Check Point, in July, was one of the most noticeable loss of activity Cryptoloot. Less than a month hidden miner has moved from 3 to 10 line rating programs for covert mining. The Director of the division intelligence threats and research in the company Maya Horowitz explains that cryptogenic hardly gone forever — the hackers simply probing for new methods.
They are just less oriented to end users and office network, and instead rely on the hidden miners type XMRig Jsecoin and implementing them in enterprise and cloud data centers.
According to Horowitz, this may be due to different purpose of the scripts: some are easier to embed in pages, and others designed to steal computing power in large networks.
And here, too, it is worth noting the serious nature of the problem. For the first six months of this year, the script XMRig infected already 6.3 percent and Jsecoin — 6.2 percent of organizations around the world. The attack of the enterprise and cloud systems brings far more profit. In February last year, one hacker managed to introduce XMRig on the servers of the international system of automation of processes Jenkins and earn Monero $ 3 million equivalent. However, according to Troy March, it does not necessarily indicate revival of the problem of cryptogamia. He claims, therefore, the villains are probably just trying to catch to steal what they can steal.
However, Gorovitz from Check Point claims that what’s more important is to pay attention to new malware that appeared this year. For example, the virus DarkGate is able to steal account data and passwords, and encrypt your files and open an attacker remote access to the victim’s computer.
The problem of mining hidden where widespread than it might seem. I myself had a chance encounter with cryptocaryon. Mostly my laptop is used for work with texts and surfing the net. Not so powerful CPU always had to work in complete silence without the annoying hum of the cooler. However, certain sites were dispersed by the device as the turbine of a Boeing. In fact, that’s how I found out about the hidden miners, because he started to look for information, what can be the reason for such behavior of laptop.
By the way, it’s pretty easy to check by opening the task Manager and specifying which tab browser ship system the most. If at this moment the site owners or intruders bottom cryptocurrencies for your processor, then this tab will be shipping the CPU at 95-99%. I have noticed this peccadillo cryptocurrency resource Ambcrypto, who somehow already a few days in maintenance mode and does not publish new articles. Karma!
And if you’ve ever had to deal with a hidden mining? If you have any interesting history on this topic, feel free to share in our cryptodata.
Subscribe to our channel in the Telegram. And watch out for the safety of your PC!