‘The ease of deploying crypto-mining software to third-party computers makes it a lucrative vector for attackers to target online users.’
Shifting from ransomware-related attacks to crypto-mining malware
Gone are the days of ransomware attacks where cybercriminals used to infuse malicious malware in your computers while locking important files and demanding hefty ransom in return to unlock them. According to the latest report from the Russia-based cyber security company – Kaspersky Lab, there has been a significant decline in ransomware attacks on computers and mobile devices reported over the last year.
The report mentions: “The total number of users who encountered ransomware fell by almost 30%, from 2,581,026 in 2016-2017 to 1,811,937 in 2017-2018.” However, don’t confuse this with any reduction in the cybercriminal activities taking place online. The report mentions that there has been a significant shift from ransomware-related attacks to crypto-mining malware which is popularly referred to as ‘cryptojacking’ these days.
How to spot cryptojacking?
Cryptojacking is turning increasing popular and lucrative over the traditional ransomware attacks for hackers. Cryptojacking is a malicious malware attack where hackers run a cryptocurrency mining software on your computer devices (smartphones, tablets, laptops and others) to mine digital currencies by using your device’s processing power. This software performs mining without the consent of the device owner.
The Kaspersky Lab report states that during the same period of reduction in ransomware attacks, there has been a 44.5% jump in the number of malicious miners present online. The Kaspersky Lab researchers explained that “Crafty cryptominers have moved up to take ransomware’s place, invading users’ and businesses’ computers and devices and taking advantage of their power to put cryptocurrency in the pockets of thieves.”
Mobile mining wave is approaching?
The report also states that in addition to PC based attacks, there has been a steady growth in mobile-based mining attacks. The report states: “It is highly likely that the additional growth of mining will come at the expense of mobile miners. For now, they are growing, but at a very steady pace. However, once criminals find a technological solution that makes the profits from mining on mobile devices equivalent to those from mining on PCs, mobile mining will quickly become equal.”
The report also goes to mention that attackers have been specifically targeting users of developing countries like China and India which account to one-third of world’s smartphone market. Currently, the most affected developing countries for mobile-based mining attacks are Venezuela, Myanmar, and Nepal.
Another similar “Threats Report” published by American cybersecurity firm McAfee notes that there has been a staggering 629% rise in cryptojacking activities during the Q1 of 2018. In a word with Financial Times, Steve Grobman, CTO of McAfee, stated: “With the rise in the value of cryptocurrencies, market forces are driving criminals to crypto jacking and the theft of cryptocurrency.”
Coin Miner Malware Threat
Data from McAfee Labs shows that it has detected over 2.9 million cases of “coin miner malware” infections in Q1 2018 against 400,000 such cases in Q4 2017. The report notes: “This suggests that cybercriminals are warming to the prospect of monetizing infections of user systems without prompting victims to make payments, as is the case with popular ransomware schemes. Compared with well-established cybercrime activities such as data theft and ransomware, cryptojacking is simpler, more straightforward, and less risky. All criminals must do is infect millions of systems and start monetizing the attack by mining for cryptocurrencies on victims’ systems. There are no middlemen, there are no fraud schemes, and there are no victims who need to be prompted to pay and who, potentially, may back up their systems in advance and refuse to pay.”
How to protect PC from malicious cryptomining?
With the unprecedented growth of investor-engagement in the cryptocurrency space, there has been a pressing need to address the issue of cryptojacking and prevent the malicious players from targeting online users.