Cryptominers are among the most common type of malware in the wild today, based on the latest research by digital security company Check Point. While there are dozens of variants deployed by hackers, the cryptojacker “Coinhive” is the malware of choice this year. Once installed on a computer, it works in the background siphoning off your computing power to mine Monero any time your computer is on and sending the gains to the hackers.
The second most popular is a piece of malware called Jsecoin, which is a JavaScript-based miner that can be embedded into websites and runs in a target’s browser. Then there’s Cryptoloot, which is a Coinhive competitor and works in much the same way.
Although cryptojacking software dominates the top-ten list, they’re not the only types of malware on it, and this year’s list features two venerable contenders: Emotet and Ramnit, both of which are banking Trojans that have been in circulation for a long time.
While all of these threats are bad, the one that’s getting a lot of attention from security professionals is a relative newcomer to the rankings called Smoke Loader. Interestingly, Smoke Loader isn’t dangerous by itself, but then again, that’s not its real goal. It’s a gateway malware. A Trojan whose express purpose is to infiltrate a system and then download additional malware.
The specifics are entirely open-ended. If a hacker using Smoke Loader to infiltrate a system wants to follow that attack up with a cryptojacker, he can do that. If he’d prefer to launch a ransomware attack, he can do that too. The sky is basically the limit.
In any case, the Check Point top-ten list is well worth a closer look, if for no other reason than to be sure your IT staff is up on all the latest threats.
