Detected instances of cryptojacking – the unauthorized commandeering of computer resources to mine cryptocurrencies – went up nearly 1000% in the first six months of 2018. This is one of the insights presented in the Trend Micro midyear roundup report titled “Unseen Threats, Imminent Losses”.
Released on August 28, the report states that methods employed by hackers to extract value from device owners have shifted from ubiquitous, highly visible malware attacks to the relatively silent but no less devastating deployment of cryptojacking.
A quote from Trend Micro summary of the report reads:
“Throughout the next few months, we also saw a noticeable shift away from highly visible ransomware to a more discreet detection: cryptocurrency mining. These damaging threats — from the miners that quietly leech power from victims’ devices to the serious vulnerabilities that leave machines open to covert attacks — split limited security resources and divide the focus of IT administrators.”
In June, CCN reported that Kaspersky Labs expressed a similar opinion, stating that cybercriminals are slowly moving away from ransomware toward cryptojacking.
According to the Trend Micro report, detection of unauthorised cryptocurrency mining more than doubled from the second half of 2017, which was not completely unexpected given that the 2017 annual report predicted a marked uptick in future cryptojacking incidents.
Even more interestingly according to the report, Trend Micro’s researchers also detected a growing number of cryptojacking malware families, which would seem to indicate that the already keen interest of cybercriminals in cryptojacking is growing.
1H 2018 Cryptojacking Statistics
According to the report, the first 6 months of this year saw Trend Micro’s security systems record a 141% increase in cryptojacking detection. In the same period, 47 new cryptocurrency miner malware families were detected, and the tactics of cybercriminals kept changing and evolving constantly.
In January, malvertising was detected in Google’s DoubleClick program and in February, advertisements were injected by the Droidclub botnet into websites. In March, cybercriminals favoured the Adware downloader ICLoader and in April, web miner script was found on AOL’s ad platform.
Earlier, CCN reported that one in three UK businesses were hit by cryptojacking in July 2018. Monero remains the cryptocurrency of choice for cryptojackers, illustrated by another report which showed that over 200,000 ISP-grade routers were have been affected by a Monero cryptomining attack.
unwanted crypto mining on a computer or a network can have a host of negative effects including slowing down performance, wearing down hardware and increasing power consumption greatly. In the context of an enterprise environment which is reliant on several networked devices, this problem is exponentially magnified.
Security researchers have urged network administrators to protect themselves from cryptojacking by constantly monitoring power usage and looking out for suspicious or unauthorised activity.