Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
RiskIQ Digital Threat Management Platform Datasheet
Learn about our platform and products.
Read the Datasheet
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
September 26, 2017, Mike Browning
Fig-1 A listing of domains running Coinhive in a RiskIQ Community Edition Public Project
To see the indicators associated with Coinhive, visit our RiskIQ Community Public project here.
Of course, this Monero mining technique is also an opportunity for bad actors to spin up fake, illegitimate websites to siphon money off of major brands with typosquatting domains. By leveraging domains or subdomains that appear to belong to major brands, these actors trick people into visiting their sites running the Coinhive Monero mining script to monetize their content. In the 991 domains we found, there were many examples of typo-squatting and domain infringement.
Unfortunately, Security teams lack visibility into all of the ways that they can be attacked externally, and struggle to answer the question, “where are the weaknesses in the armor?” The answer lies in understanding what belongs to your organization, how it’s connected to the rest of your asset inventory, and what potential vulnerabilities are exposed to compromise. In the case of Coinhive, it means being able to inventory all the third party code running on your web assets, and being able to detect instances of threat actors leveraging your brand on their illegitimate sites around the internet.
Currently, 92% of customers using RiskIQ Digital Footprint Enterprise had, at best, partial visibility into their internet-exposed digital assets before partnering with RiskIQ, half of which claimed to increase their insight into digital threats by at least 50% with our automated discovery and management capability.
Signing up for RiskIQ Community Edition now gives you access to one of the most popular RiskIQ products–Digital Footprint. When you sign up or sign in with your organizational email address, you get a glimpse into your organization’s attack surface.