News

Cryptojacking Shot Up 8500% in 2017; How Criminals are Exploiting Your Computing Power to Mine Coins

0 Comments

Cryptocurrency mining attacks have gone through the roof, a report from Symantec dated April 10 indicates. The attacks also known as cryptojackings have gone up a record 8500% as criminals seek to harness the computing power of the crowd to mine coins. Symantec logged 1.7 million in December alone.

Cryptojacking involves using the computer resources of another person to mine coins without their knowledge. The process typically consumes a lot of electricity and compromises a computer’s performance.

Mining

2017 was yet another year of extraordinary cyber crime and mounting damage,  Symantec says. Criminals are becoming more organised, innovative and sophisticated, the security company says in its latest report.

According to David Rajoo, Symantec’s systems engineer director for Philippines, Malaysia and Indonesia “Cryptojacking is a rising threat to cyber and personal security.”

Mining remains a major attraction after cryptocurrencies exploded in value in 2017. Mining is the process through which new coins are created by solving complex algorithms.

“The massive profit incentive puts people, devices, and organizations at risk of unauthorized coin miners siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers,” Rajoo said.

“Coin mining slows devices and overheats batteries. For enterprises, coin miners put corporate networks at risk of shutdown and inflate cloud CPU usage, adding cost,” the Symantec report says.

IoT Devices Ripe Target

IoT devices are a ripe target for such attacks, the report notes. “Symantec™ already found a 600 percent increase in overall IoT attacks in 2017, which means that cyber criminals could exploit the connected nature of these devices to mine en masse.”

Interestingly, ransomware attacks have gone down although they have become more varied. This could indicate that criminals are finding mining more profitable.

It could also mean they have found more efficient tools. Wannacry was the most prominent and widespread ransomware attack. Several high profile institutions were hit by the service denial attack including the UK’s NHS and prominent shipping companies. The hackers demanded payment in cryptocurrencies.

According to Symantec, ransomware variants climbed by just 46% in what they say criminals are innovative less but remaining productive.

Mining Extensions

Google recently banned new cryptocurrency mining extensions over similar concerns. Existing ones will be pulled down from the Web Store by the end of June according to the tech giant. Google made the blanket decision after discovering a high number of extensions containing crypto miners were mislabelled.

Spear Phishing Main Mode of Attack

Spear phishing is the most popular way attacks are generally launched constituting 71% according to Symantec. It involves sending mail with malicious software designed to steal information from users.

Hacker

Customers are advised not to open suspicious email as a way of avoiding attacks. These should also be deleted.

Spear phishing is a low tech method but remains highly effective. The US remains a major target for such attacks.

Attacks Through Supply Chain

Attacks through software supply chains went up 200% in the last year. This method involves implanting malware into legitimate software and leaving them in their usual location of distribution online.

As vulnerabilities become rare, attackers are increasingly using this method as an entry point. The Petya/Not Petya attack where a Ukrainian accounting software was used as a Launchpad is a case in point.

From Ransomware to Cryptojacking

The ransomware market seems to have shrunk since 2016 and the focus shifted to crypto-mining in 2017 as an alternative. Ransom demands, for example, dropped by half to $522 in 2017, Symantec points out.

Hacking

Bitcoin mining is not a viable option on small computers due to sheer computing power needed. Alternative cryptocurrencies like Monero can, however, be easily mined through ordinary personal computers. Monero also has the advantage of anonymity.

Browser Mining Saw Biggest Jump

Browser based mining saw the biggest jump in 2017. This happens inside a browser and “implemented using scripting languages.”

The launch of browser based mining by Coinhive spurred interest in this area. In this model, users are given the option of running mining scripts on their computers instead of having to view adverts.

While users are urged to be transparent, Coinhive “is somewhat powerless to prevent unscrupulous operators from using it to carry out secret mining with the hope that users won’t notice.”

Browser based mining requires little skills and can be carried out even in some of the most protected computers.

As most users may not realise their computers are mining coins, the option presents a less disruptive way of earning easy money for attackers.

8 Million Mining Events Blocked in December Alone

Symantec blocked 8 million coin mining events in December alone marking an increase of 34,000 per cent since January 2017.

“Coinminers made up 24 percent of all web attacks blocked in December 2017, and 16 percent of web attacks blocked in the last three months of 2017, demonstrating the big impact of these browser-based coinminers,” Symantec said.

Consumer machines were the most affected. They work best on sites where consumers spend the maximum amount of time. Browser-based mining also means they work across several platforms whether they be Windows or Mac.

Crypto mining

“Just as they are not limited to one operating system, cybercriminals distributing coin miners do not seem to be limited to using just one distribution vector. In the latter part of 2017, there were multiple reports of campaigns spreading coinminers.”

Miners use different distribution channels including deploying miners to unpatched machines, using Facebook and Messenger to install Monero miner on compromised WordPress sites. One such attack is said to have generated $100,000 before it was discovered.

Mobile malware continues to grow with variants up 54% in 2017.

Leave a Reply

avatar
  Subscribe  
Notify of
close-link

Risk Warning: Investing in digital currencies, stocks, shares and other securities, commodities, currencies and other derivative investment products (e.g. contracts for difference (“CFDs”) is speculative and carries a high level of risk. Each investment is unique and involves unique risks.

CFDs and other derivatives are complex instruments and come with a high risk of losing money rapidly due to leverage. You should consider whether you understand how an investment works and whether you can afford to take the high risk of losing your money.

Cryptocurrencies can fluctuate widely in prices and are, therefore, not appropriate for all investors. Trading cryptocurrencies is not supervised by any EU regulatory framework. Past performance does not guarantee future results. Any trading history presented is less than 5 years old unless otherwise stated and may not suffice as a basis for investment decisions. Your capital is at risk.

When trading in stocks your capital is at risk.

Past performance is not an indication of future results. Trading history presented is less than 5 years old unless otherwise stated and may not suffice as a basis for investment decisions. Prices may go down as well as up, prices can fluctuate widely, you may be exposed to currency exchange rate fluctuations and you may lose all of or more than the amount you invest. Investing is not suitable for everyone; ensure that you have fully understood the risks and legalities involved. If you are unsure, seek independent financial, legal, tax and/or accounting advice. This website does not provide investment, financial, legal, tax or accounting advice. Some links are affiliate links. For more information please read our full risk warning and disclaimer.