November 28, 2018 10:31 PM
Malware is increasingly crypto-oriented and easy to produce, says a new report from Kaspersky Lab. What’s worse, cryptojacking programs are going undetected on home and company PCs.
The latest Security Bulletin 2018[1] from Kaspersky Lab analyzes threats across the year and finds that "cybercriminals are investing resources in the development of new mining technologies." These new cryptojackers and miners are "gradually replacing ransomware Trojans."
Though Kaspersky has found that the number of general DDoS attacks has declined across the internet, the reason, according to its experts, is most likely to be "the 'reprofiling' of botnets from DDoS attacks to cryptocurrency mining."
Illegal cryptocurrency mining, says Kaspersky, has started to draw as much, or more, attention as ransomware attacks do. It also appears to be a less competitive arena than DDoS attacks. And compared to ransomware threats, cyberjackers are less likely to be reported to authorities.
It's also profitable. Though "hidden mining activity" declines when cryptocurrency prices fall, five percent of all Monero coin has reportedly been generated by illegal cryptomining malware. Monero is popular with illicit actors due to its anonymity, value, and how easy it is to sell and trade. It's estimated[2] that illegal Monero mining has earned attackers around $175 million.
It's increasingly easy for cybercriminals to create mining malware due to the availability of "ready-to-use affiliate programs, open mining pools, and miner builders." Embedding illegal mining scripts in websites is another route followed by illicit actors. The threat is also going unnoticed, Kaspersky warns:
"It might be quite a while before the user notices that 70–80% of their CPU or graphics card power is being used to generate virtual coins."
All the while, mining malware is also becoming more sophisticated. Kaspersky Lab cites cryptomining malware "
