The practice of surreptitiously mining cryptocurrency on other people’s hardware is becoming pervasive, overtaking ransomware as a tool of choice for extorting money online.

This week, cybersecurity firm Check Point published its regular Global Threat Index. It shows that Coinhive, a piece of software that uses processing power on someone’s device in order to mine cryptocurrency, has become the most prevalent form of malware on the Internet. Another piece of cryptojacking malware, called Cryptoloot, is now the third most prevalent.

The rogue software exploits the way many cryptocurrencies are mined in order to turn a buck. Bitcoin and many of its newer rivals are given as rewards for performing the computationally demanding cryptographic operations that underpin the transaction records of the currencies—a process known as mining. Steal someone’s computing power by embedding such code in websites or software, and you can make money. Steal enough, and you can make a lot (see “Hijacking Computers to Mine Cryptocurrency Is All the Rage”).