Healthcare Information Security

Cybersecurity News

Cryptomining Top Malware Threat, Multi-Purpose Malware Surges

Check Point’s Most Wanted Malware report found that although the value of cryptocurrency declined in 2018, cryptomining malware made up half of its top 10 list.

top malware threat

By Jessica Davis

- For the past 13 months, cryptomining topped the list of leading malware threats, according to Check Point’s latest Global Threat Index for December 2018.

In fact, the top four malware threats were cryptomining variants, despite the value of cryptocurrency declining in 2018. Coinhive was the most prevalent, with about 12 percent of organizations falling victim across the globe. In second, XMRig with 8 percent and JSEcoin miner in third with 7 percent.

Both Coinhive and XMRig cryptojackers secretly use a victim’s computer to mine the cryptocurrency Monero, with the hackers pocketing the money. JSEcoin miner is a Javascript miner that runs directly through a web browser after it’s embedded.

Trojans held several positions on Check Point’s list, including Emotet and Ramnit. Most recently, Emotet has been seen in the wild coupled with Ryuk ransomware. It’s notable, as “damaging multi-purpose malware forms” emerged on Check Point’s list, as well.

These variants leverage multiple attack methods to distribute different threat types during the same cyberattack. For example, Smokeloader, which emerged in 2011 as a second-stage downloader for other malware, primarily trojans, entered the top 10 list for the first time after a wave of attacks in December.

“Its sudden surge in prevalence reinforces the growing trend towards damaging, multi-purpose malware in the Global Threat Index, with the top 10 divided equally between cryptominers and malware that uses multiple methods to distribute numerous threats,” Maya Horowitz, Check Point’s Threat Intelligence and Research Group Manager, said in a statement.

“The diversity of the malware in the index means that it is critical that enterprises employ a multi-layered cybersecurity strategy that protects against both established malware families and brand new threats,” she added.

The report mirrors July research from Kaspersky that found cryptocurrency mining attacks are replacing some ransomware attacks, as hackers are driven by financial gain. Further, while healthcare continues to be targeted by ransomware attacks, McAfee found the number of new variants has slowed – and cryptomining has surged.

For healthcare, IT leaders should look for suspicious network activity, such as CPU time, as these variants run in the background. Data and access should also be analyzed to monitor user behavior and detect abnormal behavior.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...