Threat Intelligence | Malware | May 23, 2025 | 15 min read

Cryptomining Threats: Threat Intelligence Profile

Unauthorized cryptocurrency mining


Cryptomining Threats (also known as Cryptojacking or CoinMiner) is a security tool / technique for unauthorized cryptocurrency mining, active since 2017. Key characteristics include XMRig abuse, browser mining, container targeting, cloud resource hijacking, and TeamTNT campaigns.

Overview & Background

Cryptomining Threats covers unauthorized cryptocurrency mining. First identified in 2017, this threat is attributed to eCrime.

Threat Assessment

Cryptomining Threats remains an active threat. Organizations should implement detection rules and monitor for indicators associated with this security tool / technique.

Technical Analysis

Cryptomining Threats employs the following capabilities and techniques:

MITRE ATT&CK Mapping

Tactic | Technique | Usage
--- | --- | ---
Initial Access | T1566.001 Phishing Attachment | Common delivery vector
Execution | T1204.002 Malicious File | User-triggered execution
Persistence | T1547.001 Registry Run Keys | Autostart persistence
Defense Evasion | T1027 Obfuscated Files | Payload obfuscation
C2 | T1071.001 Web Protocols | HTTP/HTTPS C2

Detection & Defense

Defend Against Cryptomining Threats

Mjolnir Security provides detection and response capabilities against Cryptomining Threats and similar threats.

Threat Detection | Incident Response | Threat Hunting | MDR Services | Threat Intelligence
  • Proactive Threat Hunting: Hunt for Cryptomining Threats indicators and TTPs within your environment.
  • Threat Intelligence: Monitor Cryptomining Threats campaigns and infrastructure changes.
  • 24/7 Incident Response: Rapid containment and forensic investigation. Call +1 833 403 5875.
Written by: Mjolnir Security  |  Published: May 23, 2025