2018 has proven to be the year of cryptocurrency mining malware. Cybercriminals are increasingly abandoning other forms of malware and ransomware in favor of malware capable of hijacking processors and mining cryptocurrency.
Mining cryptocurrency requires computers to solve the complex problems necessary to verify cryptocurrency transactions and add them to the blockchain ledger. That requires considerable processing power and takes time. In exchange for performing the service, the miner that solves the problem is rewarded with a small amount of cryptocurrency. In order for this to be profitable, considerable computer processing power is required. That can be achieved in two ways. Buying the hardware or hijacking other people’s computers.
The high value of cryptocurrencies makes mining an attractive prospect, especially if a cybercriminal can recruit an army of computers to perform the processing. One computer can earn a few dollars a day. 10,000 computers infected with cryptocurrency mining malware makes this an extremely profitable operation. That fact has not been lost on cybercriminals.
2018 has seen a massive rise in the use of cryptocurrency mining malware. In the first quarter of 2018, McAfee reports there was a 629% rise in the number of cryptocurrency mining malware samples it intercepted. That upward trend has continued throughout Q2. According to the September McAfee Threat Report, there was a further 86% increase in detected cryptocurrency mining malware samples in Q2.
“Exploiting cryptomining malware is simpler, more straightforward, and less risky than traditional cybercrime activities – causing these schemes to skyrocket in popularity over the last few months. In fact, cryptomining malware has quickly emerged as a major player on the threat landscape,” said Raj Samani, chief scientist at McAfee.
While PCs are most commonly targeted, cybercriminals have now branched out and are also using other Internet-connected devices to mine cryptocurrency, including Android smartphones. These devices have far lower processing power than PCs, but since they are relatively easy to hijack, the sheer number of devices that can be infected more than makes up for their low processing power.
There has also been a major rise in the use of malware that exploit software vulnerabilities. These types of malware increased by 151% in Q2, 2018. “WannaCry and NotPetya provided cybercriminals compelling examples of how malware could use vulnerability exploits to gain a foothold on systems and then quickly propagate across networks,” said Christiaan Beek, Lead Scientist and Senior Principal Engineer at McAfee. Many malware variants have been created that mimic WannaCry and NotPetya.
The McAfee report also shows there was 57% growth in ransomware samples in the past year, and while use is still growing, popularity is waning with only 27% growth seen in Q2, 2018.