Crypto-jacking can’t survive without CoinHive says a new report
Just two years ago, crypto-jacking was said to represent 35 percent of all cyber threats. But the closure of mining service CoinHive has almost put an end to the pernicious industry.
Just two years ago, crypto-jacking was said to represent 35 percent of all cyber threats. The malware, which illicitly harnesses the processing power of website visitors to mine cryptocurrency, was held responsible for taking down networks at hospitals, car factories, universities and governments around the world.
But the closure of mining service CoinHive has almost put an end to the pernicious industry—the volume of crypto-jacking dropped 78% during the second half of 2019, according to a report from cybersecurity firm SonicWall.
Crytojacking falls 78%
Browser-based mining script maker CoinHive closed its doors in March 2019, citing the falling price of Monero, and the rising cost of mining, as making it untenable to continue.
Though the javascript code CoinHive produced was not intrinsically malicious—allowing legitimate webmasters to earn income by allocating a small portion of visitors’ processing power to mine Monero—it was easily abused by cybercriminals.
The mining scripts were popular with hacking groups including the North Korea-linked Lazarus, who implanted the scripts into the websites of unsuspecting victims to clandestinely mine cryptocurrency.
So widespread was the phenomenon that cybersecurity firm Check Point listed crypto-jacking as the world’s most significant malware threat. And a study from Palo Alto Networks found that over five percent of Monero in circulation was mined with malicious intent.
But with CoinHive gone, malicious activity has “crumbled” says Sonicwall. Total incidents of crypto-jacking hit 52.5 million for the first six months of 2019 and reached only 11.6 in the second half — a 78 percent drop since the start of July 2019.
When CoinHive closed its doors in March, many speculated that another mining firm would jump in to fill the gap, but six months later it is beginning to seem like the crypto-jacking gold rush might actually be over.
Though competing firms like CryptoLoot are still in operation, they appear to have different operating standards. Despite the suggestive branding, CyptoLoot states that it doesn’t pay out cryptocurrency to those who have injected the code into a compromised website.
But according to SonicWall VP Terry Greer-King, the lull is likely to be short-lived, and cybercriminals will eventually adapt. Speaking to Brave New Coin, he said hackers have already begun to pursue different attack vectors, and are now seeking to corrupt IoT devices and infect Web Apps with other crypto-jacking software.
“Crypto-jacking often follows the ebb and flow of cryptocurrency prices,” said Greer-King.”It is “too soon to proclaim the death of crypto-jacking just yet.”
Brave New Coin reaches 500,000+ engaged crypto enthusiasts a month through our website, podcast, newsletters, and YouTube. Get your brand in front of key decision-makers and early adopters. Don’t wait – Secure your spot and drive real impact in Q4. Find out more today!