The highest number of recorded incidents of Coinhive cryptojacking software have taken place in Brazil, Iran’s country’s cybersecurity authority revealed in a report Monday, October 8.

According to the Iranian authority’s report on malware in 2017, Brazil, the country with the most reported cases, has been hit over 81,000 times by Coinhive. India came in second with around 29,000, followed by Indonesia with more than 23,000, while Iran scored about 11,000.

Coinhive, the cryptocurrency mining software which mines Monero (XMR), provides an Application Programming Interface (API) to developers, which then lets the developer use a website visitors’ CPU resources to mine the privacy-centered altcoin.

According to a study in May, around 300 websites worldwide contained malicious code which would lead to a device becoming infected with Coinhive without users’ knowledge. More recently, the software has been removed from League of Legends Philippines, and police in Japan investigated a cryptojacking case with Coinhive used as malware.

Relating to Iran specifically, CERTCC found the capital Tehran to be most contaminated with 606 reports, followed by Esfahan with 244.

“It is expected to be one of the security challenges in years to come,” the report’s authors forecast.

As Cointelegraph has reported, overall cryptojacking malware reports surged almost 500 percent in 2018. According to calculations in June, around 5 percent of the total circulating Monero supply was mined using such illicit techniques.