Cryptojacking against consumers—using someone’s computer to mine bitcoin without their consent—is much less common today than a year ago, according to a report by cybersecurity company MalwareBytes.

The rate of detection of these attacks has fallen over the last year and even over the last quarter. The report calls the practice “essentially extinct.” But the news is not all good: the same style of attack against businesses has become more common over the same period.

Get the BREAKERMAG newsletter, a twice-weekly roundup of blockchain business and culture.

One reason for the fall in consumer attacks appears to be the closure in March of CoinHive, a major provider software that could be used to mine bitcoin without the consent of a computer’s owner.

The report also identifies a link between the decline in cryptojacking detections and the slide in the price of cryptocurrency since last year. Hackers are “all but abandoning cryptomining in the face of market downturn.” It says the same connection was found between 2017 and 2018, too.

The cryptojacking pattern is part of a wider trend: Malware in general has shifted toward targeting businesses rather than consumers. Consumer malware detections in the first quarter of 2019 were down 25 percent compared with the same period of 2018; meanwhile, business detections were up 235 percent. “Overall, the indication that the focus of cybercriminals is shifting to businesses has never been more obvious,” says the report.

The fall in cryptojacking is no consolation to owners of cryptocurrency, however: “Mac users still storing bitcoin in Electrum wallets might have found themselves fresh out of cryptocash this quarter, as more than US$2.3 million were stolen by cybercriminals that took advantage of a vulnerability in the wallet to serve up Trojanized versions.”