Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Finance

Posted By Gbaf News

Posted on June 29, 2018

RiskIQ maps and analyses the swelling cryptocurrency miner landscape

New research finds hundreds of hosts running cryptocurrency miners in the Alexa Top-10,000

 –RiskIQ, the global leader in digital threat management, today released an infographic mapping and profiling the global cryptocurrency mining landscape, which has swelled in size due to the rush by companies and threat actors alike to capitalise on cryptocurrency’s skyrocketing valuation.

The infographic is based on data collected by RiskIQ’s web crawling infrastructure, which downloads and analyses website content to identify the individual technical components that load when rendered to detect cryptocurrency miners across the Internet. The research highlights the influx of revenue-generating miners in domains in the Alexa top-10,000 and analyses their attributes, such as prevalence, longevity and associated infrastructure.

Since these miners require an expensive amount of computing power — Fundstrat reported that the cost of mining a single Bitcoin reached about $8,038 and the costs of mining other coins are not far behind — actors often source it from unwitting users. To do so, they take advantage of the fact that security teams lack visibility into all the ways that they can be attacked externally and struggle to understand what belongs to their organisation, how it’s connected to the rest of their asset inventory and what potential vulnerabilities are exposed to compromise.

While some brands capitalise by running cryptocurrency mining scripts in the background of their sites to leverage the computers of their visitors legally, threat actors exploit this blind spot to hack vulnerable sites or spin up fake, illegitimate websites to siphon money, often with typosquatting domains and fraudulent branding. RiskIQ reported back in February that an upwards of 50,000 total websites have been observed using Coinhive in the past year–many of them likely without the original owner’s knowledge.

“In the case of cryptocurrency mining scripts, organisations must be able to inventory all the third-party code running on their web assets and be able to detect instances of threat actors leveraging their brand on illegitimate sites around the Internet,” said Adam Hunt, chief data scientist at RiskIQ. “Threat actors realise the lack of visibility these organisations have and are targeting it accordingly.”

The report found that threat actors leveraging domains or subdomains that belong, or appear to belong, to major brands, trick people into visiting their sites running cryptocurrency mining scripts to monetize their content.

Report highlights include:

  •      The amount of cryptocurrency miners RiskIQ observed over a 23-week period
  •      The average amount of time a cryptocurrency mining script is active
  •      Most popular cryptocurrency mining scripts
  •      Number of hosts running cryptocurrency miners in the Alexa top-10,000
  •      Top-level domains utilized by cryptocurrency miners
  •      Top-5 geolocations of cryptocurrency miners

Recommended for you

  • Allianz CEO says he expects less 'extortion' from fines under Trump govt

  • Private equity exits set to recover under Trump, says Ardian exec

  • Explainer-Prince Harry settles lawsuit against Rupert Murdoch's UK newspaper group