Mining malware may now be painfully familiar to anyone with even a passing awareness of cryptocurrency, but so far businesses and consumers alike are failing to significantly curb its growing threat. On May 14, Israeli cybersecurity firm Check Point released its latest Global Threat Index, and for the fifth consecutive month it found that the Coinhive crypto-miner is the "most prevalent malware" in the world, affecting 16 percent of organizations globally. Meanwhile, Santa Clara-based Malwarebytes released its Cybercrime tactics and techniques: Q1 2018 report on April 9, finding that businesses had seen a 27 percent increase in mining malware in …

A new piece of so-called cryptojacking malware used half a million computers to mine 133 Monero (XMR) tokens (about $25,000) in three days, Finance Magnates reports today, May 18. New research published by cyber security firm 360 Total Security May 16 found that the malware, referred to as WinstarNssmMiner, presents a fresh challenge to users, due to its ability to both mine and crash infected machines at will. Malicious software that engages in cryptojacking – the use of another’s device to mine crypto without their knowledge – has become a common phenomenon in recent months. As Cointelegraph reported, instances have …

The Coinhive crypto mining code has been recently detected on more than 300 government and university websites worldwide, cyber security researcher Troy Mursch reported Saturday, May 5. According to the report, all the affected websites are using a vulnerable version of the Drupal content management system. As the researcher posted on Twitter May 4, he was alerted to this particular campaign via the attack on the websites of the San Diego Zoo, and the government of Chihuahua, Mexico. Both websites reportedly had Coinhive injected into their Javascript libraries in the same way. Coinhive is a JavaScript program created to mine …

Microsoft’s Windows Defender Antivirus has blocked an attack of more than 400,000 attempts over a span of 12 hours for trojans to infect users with a cryptocurrency miner, according to a Microsoft blog post on March 7. Windows Defender’s research showed that a little before noon (PST) on March 6, Windows Defender Antivirus began detecting these sophisticated trojans, which are new variants of an application called Dofoil (or Smoke Loader), attempting to inject cryptocurrency mining malwares through “advanced cross-process injection techniques, persistence mechanisms, and evasion methods.” The majority, or 73 percent, of these instances came from Russia, with 18 percent …

On May 30, the author of the crypto-ransomware known as Locker posted an apology on Pastebin and claimed that he “never intended to release” the malware program. According to Threatpost.com, the author says he terminated distribution as of June 2 and that he has decrypted all infected files. The author said on Pastebin: " I am the author of the Locker ransomware and I'm very sorry about that has happened. It was never my intention to release this. I uploaded the database to mega.co.nz containing 'bitcoin address, public key, private key' as CSV. This is a dump of the complete …

Western secret agencies partnership known as the "Five Eyes" launched a surveillance unit called Network Tradecraft Advancement Team (NTAT) to spy on smartphone users as well as a major Chinese mobile web browser. As top secret document obtained by Edward Snowden has revealed, they planned to hijack data and insert malware into Samsung devices with Google apps. The documents obtained by Edward Snowden and published by CBC on May 21, 2015, revealed plans from as early as 2011 from major spy agencies to attempt and compromise Google and Samsung servers to spy on their mobile users as well as a …