Crypto intro template
Much like other strains of loader, CoinLoader typically serves as a first stage malware that allows threat actors to gain initial access to a network and establish a foothold in the environment before delivering subsequent malicious payloads, including adware, botnets, trojans or pay-per-install campaigns. After establishing communication channels with CoinLoader servers, affected devices were observed carrying out a range of cryptocurrency mining activities. XDR prevention capabilities extend to all Check Point devices and products, allowing it to take actions like removing malicious files from the endpoints, and add indicators of compromise of all files, URLs, domain addresses and IPs to be blocked by endpoints, gateways and mobiles. Regularly updating this list can help, although it requires constant vigilance to stay ahead of new mining sites.