Connect with us

Tech

March 2019’s Most Wanted Malware: Coinhive Stops Digging, but Cryptomining Still Dominates

Avatar

Published

on

Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. has published its latest Global Threat Index for March 2019. The index reveals that while cryptomining services such as Coinhive have closed down, cryptominers are still the most prevalent malware aimed at organizations globally.

As announced last month, both Coinhive and Authedmine stopped their mining services on March 8th. For the first time since December 2017, Coinhive dropped from the top position but, despite having only operated for eight days in March, it was still the 6th most prevalent malware to affect organizations during the month. At its peak, Coinhive impacted 23% of organizations worldwide.

Many websites still contain the Coinhive JavaScript code today, though with no mining activity taking place. Check Point’s researchers warn that Coinhive may well reactivate if the value of Monero increases. Alternatively, other mining services may increase their activity to take advantage of Coinhive’s absence.

During March, three of the top five most prevalent malware were cryptominers – Cryptoloot, XMRig and JSEcoin. Cryptoloot headed the Threat Index for the first time, closely followed by Emotet, the modular trojan. Both had a global impact of 6%. XMRig is the third most popular malware impacting 5% of organizations worldwide.

Maya Horowitz, Threat Intelligence and Research Director at Check Point commented: “With cryptocurrencies’ values dropping overall since 2018, we will be seeing more cryptominers for browsers following Coinhive’s steps and ceasing operation. However, I suspect that cyber criminals will find ways to earn from more robust cryptomining activities, such as mining on Cloud environments, where the built-in auto-scaling feature allows the creation of a larger haul of cryptocurrency.  We have seen organizations being asked to pay hundreds of thousands of dollars to their Cloud vendors for the compute resources used illicitly by cryptominers. This is a call for action for organizations to secure their Cloud environments.”

March 2019’s Top 3 ‘Most Wanted’ Malware:

*The arrows relate to the change in rank compared to the previous month.

  1. Cryptoloot – Crypto-Miner that uses the victim’s CPU or GPU power and existing resources for crypto mining – adding transactions to the blockchain and releasing new currency. It is a competitor to Coinhive, trying to pull the rug under it by asking a smaller percentage of revenue from websites.
  2. ↑ Emotet– Advanced, self-propagate and modular Trojan. Emotet once used to employ as a banking Trojan, and recently is used as a distributer to other malware or malicious campaigns. It uses multiple methods for maintaining persistence and evasion techniques to avoid detection. In addition, it can be spread through phishing spam emails containing malicious attachments or links.
  3. ↑ XMRig- Open-source CPU mining software used for the mining process of the Monero cryptocurrency, and first seen in-the-wild on May 2017.

This month Hiddad is the most prevalent Mobile malware, replacing Lotoor at first place in the top mobile malware list. Triada remains in third place.

March’s Top 3 ‘Most Wanted’ Mobile Malware:

  1. Hiddad – Android malware which repackages legitimate apps and then released them to a third-party store. Its main function is displaying ads, however it is also able to gain access to key security details built into the OS, allowing an attacker to obtain sensitive user data.
  2.            Lotoor– Hack tool that exploits vulnerabilities on Android operating system in order to gain root privileges on compromised mobile devices.
  3.            Triada – Modular Backdoor for Android which grants super user privileges to downloaded malware, as helps it to get embedded into system processes. Triada has also been seen spoofing URLs loaded in the browser.

Check Point’s researchers also analyzed the most exploited cyber vulnerabilities. CVE-2017-7269 is still leading the top exploited vulnerabilities with a 44% global impact. Web Server Exposed Git Repository Information Disclosure and is in second place, with OpenSSL TLS DTLS Heartbeat Information Disclosure in third, both impacting 40% of organizations worldwide.

March’s Top 3 ‘Most Exploited’ vulnerabilities:

  1. ↔ Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269)– By sending a crafted request over a network to Microsoft Windows Server 2003 R2 through Microsoft Internet Information Services 6.0, a remote attacker could execute arbitrary code or cause a denial of service conditions on the target server. That is mainly due to a buffer overflow vulnerability resulted by improper validation of a long header in HTTP request.
  2. ↑ Web Server Exposed Git Repository Information Disclosure– An information disclosure vulnerability has been reported in Git Repository. Successful exploitation of this vulnerability could allow an unintentional disclosure of account information.
  3. ↑ OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346)– An information disclosure vulnerability exists in OpenSSL. The vulnerability is due to an error when handling TLS/DTLS heartbeat packets. An attacker can leverage this vulnerability to disclose memory contents of a connected client or server.

Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.

The below table also gives you an understanding on how India is faring in terms of malware attacks as compared to global counterparts

Find top 10 per country
Malware_Family_Name Description Global Impact INDIA Impact
XMRig XMRig is an open-source CPU mining software used for the mining process of the Monero cryptocurrency, and first seen in-the-wild on May 2017. 7.68% 22.64%
Coinhive Crypto Miner designed to perform online mining of Monero cryptocurrency when a user visits a web page without the user’s approval. The implanted JS uses great computational resources of the end users machines to mine coins, thus impacting its performance. 11.59% 21.40%
Dorkbot IRC-based Worm designed to allow remote code execution by its operator, as well as the download of additional malware to the infected system, with the primary motivation being to steal sensitive information and launch denial-of-service attacks. 3.75% 12.04%
Jsecoin JavaScript miner that can be embedded in websites. With JSEcoin, you can run the miner directly in your browser in exchange for an ad-free experience, in-game currency and other incentives. 5.57% 11.52%
Cryptoloot cryptominer malware, using the victim’s CPU or GPU power and existing resources for crypto mining – adding transactions to the blockchain and releasing new currency. It is a competitor to Coinhive. 6.23% 10.03%
Emotet Advanced, self-propagating and modular Trojan. Emotet used to operate as a banking Trojan, and has evolved to be used as a distributer of other malware or malicious campaigns. It uses multiple methods and evasion techniques for maintaining persistence and avoiding detection. In addition, it can be spread through phishing spam emails containing malicious attachments or links. 5.14% 7.75%
Virut Virut is one of the major botnets and malware distributors in the Internet. It is used in DDoS attacks, spam distribution, data theft and fraud. The malware is spread through executables originating from infected devices. 1.71% 7.55%
Ramnit Ramnit is a worm that infects and spreads mostly through removable drives and files uploaded to public FTP services. The malware creates a copy of itself to infect removable and permanent drivers. The malware also functions as a backdoor. 2.57% 7.24%
Nitol Nitol is a Bot agent that targets the Windows platform. This malware collects basic system information and sends it to a remote server. An attacker can instruct the remote server to respond with commands primarily designed to carry out DoS attacks 1.05% 7.13%
Fireball Fireball is an adware vastly distributed by the Chinese digital marketing company Rafotech. It acts as a browser-hijacker which changes the default search engine and installs tracking pixels, but can be turned into a full-functioning malware downloader.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech

ASUS ROG Announces ROG Masters Asia Pacific eSports Tournament

Avatar

Published

on

By

ASUS ROG will host its first ROG Masters Asia Pacific eSports tournament from March to April 2021. Due to COVID-19 pandemic affecting travel around the region, the tournament will be conducted entirely online, with quarterfinal to final matches livestreamed.

The ROG Masters tournament will feature Counter-Strike: Global Offensive (CS:GO) as the official game title will provide opportunity to teams with enthusiastic players to pitch their skills against each other, as well as the best professional teams from their market and in the region.

Tournament Structure

The tournament will see various teams from 15 markets across the region vying for the chance to be crowned as the first ROG Masters Asia Pacific Edition CS:GO Champion. 

The tournament will be played in three stages played over the course of 2 months:

  • Country qualifiers
  • Country finals
  • Asia Pacific finals

Country qualifiers matches for India will start in the second week of April 2021; 8th April and the finals to be held on the 10th April. The India finals to find the top three teams to represent the country will be livestreamed live on 10th April.

Professional teams from across the region will be automatically placed into seeded positions in the country finals. This gives a greater chance for non-professional, enthusiast teams from India to get through the qualifiers and meet the pro teams in the country finals. 

Country Champions will then go on to experience battling winning teams from other APAC markets in the finals that will be livestreamed during 22nd to 25th April 2021.

Prizes

3 qualifying teams from India finals will stand to win US$800 for first place, US$400 for second place, US$200 for third place. They will then go on to the Asia Pacific finals with the chance to win the following prizes for the championship:

ROG Masters APAC ChampionshipAPAC Finals (USD/ team)
1st$10,000
2nd$3,500
3rd$1,500

Registration and Official Tournament Website

Registration for the first ROG Masters Asia Pacific tournament opens on February 8, 2021 at the tournament’s official website.

Registration closes on February 28, 2021 Further details, match schedules, pro team information as well as rules and regulations can also be found on the tournament website.

Continue Reading

Tech

Garena Launches Free Fire South Asia Showdown: Battle of the Stars

Avatar

Published

on

By

Garena has announced the Free Fire South Asia Showdown: Battle of the Stars, Free Fire’s first-ever esports tournament for the South Asia region. Taking place on 6 February, the tournament will feature some of the gaming community’s favourite Free Fire streamers and personalities from India, Pakistan, Nepal, and Bangladesh.

The Free Fire community has continued to expand in South Asia and across the world, with the mobile battle royale game the most downloaded mobile game globally in 2020, according to App Annie. Through the Free Fire South Asia Showdown: Battle of the Stars, Garena will look to continue its efforts to excite and delight its fast-growing South Asian community with exciting Free Fire content, and to support and develop the incredible online community in the region.

Tournament Format

The Free Fire South Asia Showdown: Battle of the Stars will feature a total of 12 teams. Each team will be led by one of the top 3 streamers from each of the 4 participating nations – chosen by public voting – in this epic clash to determine the best in the region. 

The 12 teams will compete in the Battle Royale Squad mode for a slice of the 1 million diamond prize pool. The ultimate winner of this star-studded tournament will receive 500,000 in-game diamonds; the first and and second runners-up will be awarded 300,000 and 200,000 diamonds respectively. 

Invited Teams

The Free Fire South Asia Showdown: Battle of the Stars will feature some of the most popular streamers and personalities from across South Asia. 

The team captains for each nation are: 

India

  • Total Gaming (19.4 Million YT Subs)
  • Desi Gamers (7.8 Million YT Subs)
  • Two-Side Gamers (6.85 Million YT Subs)

Bangladesh

  • Gaming with Nayeem (1.6 Million YT Subs)
  • Illusionist YT (479K YT Subs)
  • Gaming With Zihad (698K YT Subs)

Nepal 

  • Sooneeta (3.26 Million YT Subs)
  • Bshow Mgr (399K YT Subs)
  • Tonde Gamer (2.37 Million YT Subs)

Pakistan

  • RKG ARMY (1.77 Million YT Subs)
  • Unusual Gamer (81K YT Subs)
  • The Skinzo FF (75.5K YT Subs)

Broadcast Details:

Fans can witness all the high-octane action by tuning in to the live broadcasts of the Free Fire South Asia Showdown: Battle of the Stars. These will be hosted on Free Fire Esports India YouTube and Facebook, Free Fire Bangladesh Official YouTube and Facebook, as well as on BOOYAH!. 

To cater to the diverse South Asian community, the matches will be streamed with live commentary in 5 languages – Bengali, English, Hindi, Nepali and Urdu.

Continue Reading

Tech

Top Gaming Accessories for Ultimate Gaming Experience

Avatar

Published

on

By

Witnessing the consumer behaviour being impacted drastically last year, the year 2021 has welcomed an immense lifestyle change for gamers. Gaming has been one of the sectors that witnessed a spike like never before. From casual gamers to professional gamers, the segment realised immense growth in a matter of a few months. A lot of people opted for gaming for the first time with more time in hand, while amateur gamers worked on their skills to shift to pro-level. Owing to ‘isolate and chill’ mode to beat the anxiety and paranoia, a lot of people moved to ‘Play@Home’ and for many, it was rekindling their old gaming habits with the bountiful time in their grasp.

While gaming serves as a boosting engagement, it is important to have the kit and accessories to ensure the seamless and immersive experience of gaming. Especially for those who have just adopted gaming as a new hobby and do not want to invest steeply in buying the expensive accessories, we bring a perfect start-up kit to you that is sure to pave your path to the next level

Logitech G331: Enjoy the whole experience of all your favorite games with Logitech G331 gaming headset that produces big sound to get you into the game. Experience the thrill of a complete gaming experience where you hear everything and everyone hears you. The 6 mm mic ensures that your squad-mates can hear you clear and distinct. It also has an option of Flip-to-mute boom that silences you when you don’t want to be heard. The headphone is all set to work with your PC or Mac or with gaming consoles including PlayStation 4™, Xbox One™, Nintendo Switch™, and mobile devices via 3.5 mm cable. In fact, everything about these headphones is about comfort: The deluxe lightweight leatherette ear cups and headband are made to keep pressure off your ears that is available at Amazon.in at an offer price of INR 5995 .

Logitech G213: Sitting at your gaming desk in front of your gaming monitor might be the way for most PC gamers, but unless you’ve got a killer set-up with a solid keyboard, it may still not satiate your gaming soul. With a RGB color spectrum illumination lets you easily personalize up to 5 lighting zones from over 16.8 million colors to match your style and gaming gear, the Logitech G213 ensures you have a great customisable gaming experience. The G213 comes with a  performance that is up to 4x faster than standard keyboards and features keys that are specially tuned to deliver a superior tactile experience. The dedicated media control allows you to quickly play, pause, skip and adjust the volume of music right from the keyboard. the brilliant color spectrum. The G213 also offers 12 function keys with custom commands and more with free Logitech gaming software. This keyboard is available at Amazon.in at an offer price of INR 4995

Logitech G102 LIGHTSYNC: It is of paramount importance to have an exact grip and size while using a gaming mice. With LIGHTSYNC RGB lighting across, Logitech G102 is designed to work seamlessly in any system to enhance your gaming experience. The classic six-button design provides both comfort and confidence that can be customised across 16.8 million colours so you can explore, cast spells, and play just like you want. With 8,000 DPI sensor – The gaming-grade sensor responds precisely to your movements. But if you’re looking to fine-tune controls, free-to-download customization software is easy to use and set up with Logitech G HUB software. it is a complete customization suite that allows you to personalize lighting, sensitivity, and button commands on your G102 mouse. It is available in Amazon.in at an offer price of INR 1985.

Continue Reading
Advertisement

Trending