One in three UK orgs hit by cryptojacking in previous month, survey finds

A total of 30% of organizations in the United Kingdom fell victim to a cryptojacking attack in the previous month, a recent survey among 750 IT executives across the UK has found.

The study, commissioned by Citrix and carried out by OnePoll in May 2018, also reveals that 59% of IT decision-makers have been alerted to covert cryptocurrency mining on their systems at some point in the past, rather than in the last month alone, Internet of Business reports. Of those, 80% were affected in the last six months, which roughly coincides with a surge in popularity of cryptojacking.

Meanwhile, 38% of the respondents said that they have never experienced such an attack.

The study also found that, in most cases (60% ), up to 50 devices were hit by cryptojacking. A total of 11% percent of the respondents said that over 100 machines were affected in the most recent attack. All respondents work in organizations of at least 250 employees each.

The plurality of the cases (38% ) were detected through network-monitoring solutions. Only one in six organizations discovered such an incident after noticing slower device performance, which helps illustrate the surreptitious character of the mining.

Cryptojacking, or the hijacking of the victim machines’ processing power to generate virtual currencies, can eat up much of the targets’ CPU resources. In so doing, it degrades system performance and ramps up energy bills for the victim. The attacks commonly involve injecting a mining script into a website or advert, or threat actors compromise a device with malicious mining code.

One prominent flare-up in covert mining occurred this February, when ne’er-do-wells added a mining script known as CoinHive into a browser plugin called Browsealoud that was then loaded by several thousand websites, including some in the public sector in the UK. If not caught by monitoring software, the script ran in the background – unbeknown to the visitor of the affected site – until the webpage was closed.

Given their computing power, enterprise servers are among especially lucrative targets for illicit cryptomining. At the same time, cryptocurrency-mining malware doesn’t shy away from cloud services, Android apps or, as documented by ESET researchers just days ago, third-party add-ons for a media player.