Cryptojacking, the secret use of a computing device to mine cryptocurrency, has surged 629 percent in 2018, according to the latest report by computer security firm McAfee.
A rise from 400,000 in Q4 2017
On average, five new threat samples were found every second in 2018 Q1, totaling 2.9 million. This represents a massive 629 percent growth in cryptojacking and other malware.
The growing popularity of cryptojacking is attributed to the low barrier to entry for hackers, which can generate money without too much investment. This is generally done via in-browser fallacies exploited to mine cryptocurrency, then diverting directly to the hackers—much easier than having to use ransomware to extract funds.
Steve Grobman, CTO at McAfee, stated:
“Cybercriminals will gravitate to criminal activity that maximizes their profit. In recent quarters we have seen a shift to ransomware from data-theft, as ransomware is a more efficient crime. With the rise in the value of cryptocurrencies, the market forces are driving criminals to crypto-jacking and the theft of cryptocurrency. Cybercrime is a business, and market forces will continue to shape where adversaries focus their efforts.”
Cryptophishing Also on the Rise
Cryptojacking is not the only crypto-related crime to see an increase. Another nefarious activity, Cryptophishing, has been targeting both Bitcoin users and global financial organizations.
The Lazarus cybercrime ring launched a sophisticated cryptophishing campaign, which targets recipients who opened malicious email attachments – this searches for signs of bitcoin activity, and if it finds it, implants a bug that can gather data.
As cryptojacking matures, the criminals are becoming more sophisticated, and are now even more technically astute – according to McAfee.
“There were new revelations this quarter concerning complex nation-state cyber-attack campaigns targeting users and enterprise systems worldwide,” said Raj Samani, chief scientist, “Bad actors demonstrated a remarkable level of technical agility and innovation in tools and tactics. Criminals continued to adopt cryptocurrency mining to easily monetize their criminal activity.”
In January 2018, McAfee reported an attack that targeted organizations involved in the Pyeongchang Winter Olympics in South Korea. This was executed via a malicious MS Word attachment, containing a hidden script embedded within an image file.
Historically, cryptojackers have not shied away from targeting prestigious institutions. BTCManager reported in April 2018 that Aditya Birla Group, one of India’s top business conglomerates, was the first victim of a “cryptojacking” attack, and the websites of large companies and governments around the world have also been targeted.