Cryptojacking is becoming more common in the global threat landscape. Different kinds of attackers are switching to crypto mining. One reason for this may be that it is one of the easiest ways to make money without people knowing. Malicious miners can infect machines and earn a stable profit for their operators. Mining malware can remain in a target system unnoticed for months or longer.
Unpatched vulnerabilities are an attractive sight for miners
Attackers mostly distribute malicious files to consumer devices through pirated content such as games, torrent links, music files, etc. Cybercriminals use unpatched vulnerabilities to spread malicious activity. One of the most common types of threats is miners. They infect a lot of devices with this type of software. To deliver miners to more powerful devices used by businesses, attackers can hack the victim’s server and distribute miners through unpatched vulnerabilities in the OS and other software.
Furthermore, in 2022, the number of attacks that used hidden mining software increased. This year, nearly one out of every seven attacks that exploits vulnerabilities, uses miner software. In Q3, miners became even more common than backdoors, which were the primary choice of cyber criminals in the first half of 2022. They accounted for one-sixth of all vulnerability exploitation attacks.
Cybercriminals use malware to mine digital currency without users’ consent. They also use legitimate mining programs with open-source code to save resources on malware development and avoid detection. However, these tools can be loaded by mining malware and used for cryptojacking.
Malware variants increased by 3-fold in 2022
The number of new malicious software modifications that mine cryptocurrency increased dramatically in 2022. Kaspersky detected 215,843 new modifications of miners in the first 10 months of 2022. This is more than two times the rate during the same period in 2021.
In Q3 2022, the number of new malicious miners increased by more than three times the number in Q3 2021. This may be because, after hitting their lowest rates in late June and the beginning of July, cryptocurrencies only grew slightly at the end of the month. Analysts are of the opinion that cybercriminals were trying to take advantage of the predicted growth in the crypto market. However, the market did not grow as expected.
Number of new miner modifications
According to studies, Monero is the most mined cryptocurrency by the cybercriminals. This is followed by Bitcoin and Ethereum. Other cryptocurrencies mined by hackers are Litecoin, Bit Hotel, Dash, Dogecoin, and Neo. The country that was targeted the most by cryptojackers in Q3 2022 was Ethiopia (2.38%). In the second place was Kazakhstan (2.13%), followed by Uzbekistan (2.01%).
Prevent cryptojacking malware infection on devices
Cryptocurrencies are still appealing to cybercriminals, even though the market for them is down. This is because cryptojacking attacks, which use stolen computer power to mine for cryptocurrencies, remain profitable and easy to do. They also can slow down infected systems while increasing the victim’s electricity bill. So, companies and users need to stay alert to current threat trends.
Protect your computer and other devices from being used to mine cryptocurrency by using reliable cyberprotection solutions, downloading software and media only from the official sources, and timely updating your operating system and other software.
Corporates can keep their devices protected by keeping their software updated, introducing cybersecurity policies in the organization, and employing endpoint security solutions that can detect malicious activities and manage vulnerabilities.