Brazil Tops List of Cryptojacking Coinhive Victims, Iranian Cybersecurity Authority Warns

Published at: Oct. 10, 2018

The highest number of recorded incidents of Coinhive cryptojacking software have taken place in Brazil, Iran’s country’s cybersecurity authority revealed in a report Monday, October 8.

According to the Iranian authority’s report on malware in 2017, Brazil, the country with the most reported cases, has been hit over 81,000 times by Coinhive. India came in second with around 29,000, followed by Indonesia with more than 23,000, while Iran scored about 11,000.

Coinhive, the cryptocurrency mining software which mines Monero (XMR), provides an Application Programming Interface (API) to developers, which then lets the developer use a website visitors’ CPU resources to mine the privacy-centered altcoin.

According to a study in May, around 300 websites worldwide contained malicious code which would lead to a device becoming infected with Coinhive without users’ knowledge. More recently, the software has been removed from League of Legends Philippines, and police in Japan investigated a cryptojacking case with Coinhive used as malware.

Relating to Iran specifically, CERTCC found the capital Tehran to be most contaminated with 606 reports, followed by Esfahan with 244.

“It is expected to be one of the security challenges in years to come,” the report’s authors forecast.

As Cointelegraph has reported, overall cryptojacking malware reports surged almost 500 percent in 2018. According to calculations in June, around 5 percent of the total circulating Monero supply was mined using such illicit techniques.

Tags
Related Posts
Report: Number of Routers Affected by Crypto Malware Doubled Since August, Reaching 415K
The number of MikroTik routers affected by cryptojacking malware has repotedly doubled since summer 2018, reaching 415,000, security researcher VriesHd tweeted Sunday, Dec. 2. Since August, VriesHd has been reporting on crypto malware that targets routers and forces them to mine cryptocurrencies along with the researchers from Bad Packets Report. They revealed that routers by Mikrotik, a Latvian manufacturer of network equipment, were compromised by at least 16 different types of malware including Coinhive, a cryptojacking software mining privacy-oriented cryptocurrency Monero (XMR). By September the estimated number of compromised routers surpassed 280,000, according to Bad Packets. In the recent tweet …
Altcoin / Dec. 6, 2018
Watch Out for This Cryptojacking Botnet That Steals Data From Its Victims
The threat intelligence team at Cisco Systems discovered a new cryptojacking botnet named “Prometei.” This botnet both mines Monero (XMR) and steals data from the targeted system. According to the paper sent to Cointelegraph, the botnet has been active since May. It relies on 15 executable modules to recover administrator passwords from the infected computer. Password validity is verified by sending them to a control server connected to other networks. Once the malware has obtained access to the user’s administrative rights, it proceeds to record all data contained within the system. Cisco Talos estimates this botnet may contain up to …
Technology / July 22, 2020
Despite Bear Market, Crypto Mining Malware Tops Threat Index for 13th Month Running
Three strains of crypto mining malware have topped the latest Global Threat Index from Israeli cybersecurity firm Check Point, according to a press release published on Jan. 14. Check Point Software Technologies Ltd. is a security solution provider for governments and enterprises globally, with over 100,000 organizations reported to be currently using its security management system. As reported, stealth crypto mining attacks — also known as cryptojacking — work by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. According to Check Point’s Global Threat Index for December 2018, the top …
Altcoin / Jan. 14, 2019
Government Sites in India Among Prime Targets for Cryptojacking, Research Shows
Official government websites have become a prime target for cryptojacking in India, The Economic Times (ET) reports today, September 17. Cryptojacking is the practice of infecting a target with malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. New research from cybersecurity analysts reportedly reveals that widely trusted government websites – including those of the director of the municipal administration of Andhra Pradesh, Tirupati Municipal Corporation and Macherla municipality – have become the latest to be exploited by the practice. Security Researcher Indrajeet Bhuyan told ET that: “Hackers target government websites for …
Altcoin / Sept. 17, 2018
Coinhive Code Found On 300+ Websites Worldwide In Recent Cryptojacking Campaign
The Coinhive crypto mining code has been recently detected on more than 300 government and university websites worldwide, cyber security researcher Troy Mursch reported Saturday, May 5. According to the report, all the affected websites are using a vulnerable version of the Drupal content management system. As the researcher posted on Twitter May 4, he was alerted to this particular campaign via the attack on the websites of the San Diego Zoo, and the government of Chihuahua, Mexico. Both websites reportedly had Coinhive injected into their Javascript libraries in the same way. Coinhive is a JavaScript program created to mine …
United States / May 8, 2018