The popularity of cryptocurrencies has continued to expose digital currencies to malicious attacks over the course of the year. In fact, file-based apps that mine computer resources, also known as coinminers, are now the most popular mode of attack used by cybercriminals.
Ransomware, the malware that took the world by storm in 2017, has been overtaken by coinminer malware for the first half of 2018, according to the San Jose-based security firm, Skybox Security. In its mid-year Vulnerability and Threat Trends Report, it found a significant shift in cybercriminals' approach, with coinminers accounted for 32 percent of all cyberattacks from January to June this year.
The number of ransomware attacks dropped by 8 percent, from 32 percent for the second half of 2017 to 24 percent for the first half of 2018.
In a statement to IBTimes India, Ron Davidson, chief technology officer and vice president of Research and Development at Skybox, said coinminers, unlike ransomware, are pretty straightforward to operate with full assurance that threat actors will get something out of their activities.
With cryptominers, the criminals can go straight to the source and mine cryptocurrency themselves. There's no question of if they'll be paid or not.
Once a malicious coinminer app is installed on a computer's system, it uses the computational power of compromised assets to develop new blocks in the blockchain of digital currencies, like Ethereum, Bitcoin, and Monero.
As opposed to ransomware where the attackers specify the ransom for encrypted files as well as the detailed instructions on how victims can pay, cryptomining eradicates the need for attackers to ask its victims how much they want. They take full control of the amount of money they want to generate. To top it all off, the attackers can do this activity in long repetitive periods of time as the victims are not notified by such an activity.
One way to tell if a computer is infected by a coinminer malware is to look at its high CPU and GPU usage. With all these in mind, it comes as no surprise that cybercriminals are now turning to coinminers.
Check out our mid-year update to the Skybox Security Vulnerability and Threat Trends Report analyzing vulnerabilities, exploits and threats in play. Compiled by our team of security analysts at the Skybox® Research Lab. Read the full press release. https://t.co/KyquohfyTO
— Skybox Security (@SkyboxSecurity) July 18, 2018
"Cybercriminals found — in cryptomining— a path of lesser resistance. The recent uptick in the value of cryptocurrencies also made this an incredibly profitable attack option," said Marina Kidron, director of Threat Intelligence at Skybox.
Mobile device users are warned to be cautious about downloading and install apps from app stores as Skybox found malicious cryptominers targeting these gateways.