It's called in-browser cryptojacking and hackers use it to target less-well known cryptocurrencies such as Monero, Coinhive and Zcash--low-profile cryptocurrencies, that ironically are the currencies-of-choice among threat actors.
A recent cryptojacking campaign infected over half-a-million victims in just three days.
Industry analysts recognize Stealthcare for changing cybersecurity from defense to a more aggressive posture that relies on early warning, threat assessment, Al and human intelligence. Early on, Stealthcare's proprietary platform Zero Day Live, detected a significant upward trend in cryptomining and cryptojacking, warned its clients of the threat and provided countermeasures.
"This is criminal behavior plain and simple. Wrongdoers directly attack the weakest link--the consumers who rely on cryptocurrency exchanges and their digital wallets for their transactions. They lure their victims in through elaborate phishing campaigns, drive-by downloads, and other subterfuges," says Samide, adding, "The explosion of initial coin offerings (ICO) and cryptocurrency exchanges proliferating without adequate security, gave hackers the opening they needed to attack wallets and apps, siphoning off cryptocurrency from these exchanges."
Bitcoin and Ethereum were targets when they first emerged. But as they become more mainstream, they are also being scrutinized by sovereign governments looking to apply transparency requirements on their transactions. "These legacy cryptocurrencies now appear to be less attractive as hackers target emerging and more privately-focused currencies such as Coinhive along with Monero and Zcash," according to Samide.
Cryptomining Malware Threats