The surge in the popularity of cryptocurrency mining malware that started in the last quarter of last year has continued unabated into the first half of 2018.
According to McAfee Labs, cryptocurrency mining malware attacks increased by 86% in the second quarter of this year. While the primary target of cryptocurrency mining malware has remained personal computers, cryptojackers have increasingly turned their attention to devices such as smartphones and other gadgets possessing an internet connection.
Per Christian Beek, the lead scientist at McAfee Advanced Threat Research, the interest in devices other than PCs for planting cryptomining malware has been brought about by the fact that they are greater in number and they tend to possess weaker security controls:
“A few years ago, we wouldn’t think of internet routers, video-recording devices, and other Internet of Things devices as platforms for cryptomining because their CPU speeds were too insufficient to support such productivity. Today, the tremendous volume of such devices online and their propensity for weak passwords present a very attractive platform for this activity.”
Ransomware Down, Cryptomining Malware Up
The cybersecurity firm also noted that the growth of cryptocurrency mining malware has enjoyed an inverse relationship with ransomware in the past few months. Ransomware attacks, for instance, declined by 32% in the first quarter of this year at a time when cryptomining malware grew at a rate of 629%. In June this year, Kaspersky Labs also came to a similar finding noting that there had been a drop in ransomware attacks of close to 30% between 2017/2017 and 2017/2018 while cryptojacking attacks increased. On mobile devices, the decline in ransomware attacks was around 22.5%.
In a report titled Blockchain Threat Report, McAfee Labs laid emphasis on ensuring software updates and patches are made since this known vulnerabilities were the most common to be exploited:
“It can be costly and time consuming for bad actors to write their own malware. Rather than research and write their own exploits, many malware authors choose publicly disclosed exploits and known vulnerabilities, assuming that a significant number of machines remain unpatched and open for attack.”
It Could Get Worse
As previously reported by CCN, the report by McAfee Labs echoes a similar one by Malwarebytes Labs which found that illegal cryptocurrency mining growth in the second quarter of 2018 was lower than in the first quarter. The Malwarebytes Labs report concluded that while attacks on the scale of the NotPetya and WannaCry ransomware were yet to be matched this year, this could change in the run-up to the end of the year with the SamSam and VPNFilter malwares specifically mentioned.