Ransomware, the flagship of malware, has spread terror and fear across businesses and users for years over the threat of lost data. Now, in 2018, ransomware has some serious competition atop the cybercrime food chain: cryptocurrency mining malware. According to Comodo Cybersecurity Threat Research Labs, cryptomining-based attacks have now topped ransomware as the number one security threat so far for 2018.
What is Cryptocurrency Mining Malware?
Cryptomining, cryptocurrency mining malware, or cryptojacking, terms so new that they haven’t yet been added to online spellcheckers, are forms of malware that hijack a computer’s resources and use them to mine cryptocurrency, such as Bitcoin, without the user’s permission or knowledge. Since mining cryptocurrency is a fairly resource-intensive task on a single PC or server, cryptocurrency mining malware has piqued the interest of hackers and data thieves, as it leverages the processing power of multiple devices at the same time to earn some serious internet dough. Essentially, it’s malware that creates an army of cryptomining machines that blindly do the bidding of their cybercriminal overlord.
In the first three months of 2018, Comodo said it detected 28.9 million cryptominer incidents out of a total of 300 million malware incidents.
While Bitcoin is the most popular and well-known form of cryptocurrency, hackers are actually targeting other types of online currency, such as Monero and Dogecoin. There are currently over 1600 cryptocurrencies, with more surely to come in the next few years, meaning that this form of malware and illegal activity may be here to stay.
When it comes to device type, virtually everything is at risk, including servers, computers, mobile devices and Internet of Things (IoT) connected devices. Furthermore, it is expected that as competition among hackers heats up, they will start focusing on high-end devices with more computing power in order to maximize the return on their time investment.
Why is Cryptocurrency Mining Malware beating out Ransomware?
Cryptocurrency mining malware has been gaining traction over ransomware as a way to nab bitcoin as it often can go undetected for months, or even years, on a user’s system, while ransomware, on the other hand, immediately reveals its presence to the user. Also, ransomware attacks are generally considered hit or miss, as users may choose to sacrifice their data or restore a recent backup instead of forking out the cyber cash. Cryptocurrency mining malware, however, when dispersed over thousands of different devices, can generate millions in cryptocurrency.
Also, since ransomware dominated the news in the past few years, many companies have stepped up their ransomware security practices, making it harder for cyber criminals to earn digital coin with common ransomware attacks. This has pushed hackers into looking for new, more profitable methods for deploying their skills.
How Can I Tell if I’ve been Infected with Cryptocurrency Mining Malware?
Since this is a somewhat emerging threat, it may be a good idea to check whether you have already fallen victim to this type of malware. Below are a few ways you can check:
- Monitor devices for high CPU usage
- Install a network monitoring solution
- Remind employees to notify IT if their devices are running slower than normal
Why Should I Care?
This threat represents another potential avenue of attack on your systems, and it also encourages attackers to re-prioritize achieving stealth and persistence for prolonged periods of time. While initially not as damaging and time-consuming as ransomware, cryptocurrency mining malware can cause a significant spike in the load on your computing resources, in some cases render them unusable, and even increase your electricity costs. Good security hygiene can help minimize the risk of your organization falling victim to these types of attacks, and you should continue to invest in security awareness training and an advanced anti-virus and anti-malware solution. Also, don’t forget the basics, such as patching regularly and monitoring for system vulnerabilities.