New cryptomining malware doesn’t need a browser session to operate

Antimalware company Check Point has released their latest Most Wanted Malware report for March, and it’s warning of a surge in cryptomining malware attacks driven by the XMRig malware. Cryptomining malware, which uses the computing resources of an infected machine to mine cryptocurrency on behalf of the attacker, has been booming in the past several months, both on PCs and mobile devices. What makes XMRig worthy of particular attention is that it signals a departure from previous cryptomining malware models, which have generally required an open browser session.

XMRig is endpoint malware, meaning it infects the target machine and can operate without an active browser session, a shift which spells trouble for security professionals. “Cryptomining malware has been quite the success story for cybercriminals, and XMRig’s rise indicates that they are actively invested in modifying and improving their methods in order to stay ahead of the curve,” Maya Horowitz, Check Point’s threat intelligence group manager, said in the report.

Read more about the XMRig cryptomining malware, which doesn’t need a browser session to operate, on TechRepublic.