Cryptojacking — the process of infecting computers with malware to mine cryptocurrency — has declined alongside prices during cryptowinter. But like any dextrous organism facing extinction, the virus and its propagators are adapting.
According to a report[1] by cybersecurity analytics firm Symantec, cryptojacking incidents have plummeted 52 percent since January 2018, but the method of delivery, the execution and the targeting schemes have grown more sophisticated.
Specifically, Symantec’s latest report focused on Beapy, a cryptojacking campaign sweeping through Asia by taking specific aim at business and enterprise. Using a software exploit called EternalBlue, which was developed by the United States’ own NSA[2], the virus is spread via email. Symantec first tuned into the growing threat in January of this year.
With infection rates spiking in March and continuing an exponential upward trajectory since, the firm has concluded that, based on the virus’s infection route, “it was probably always intended to spread throughout enterprise networks.” Described as a “worm” by the report, the virus effectively infiltrated vulnerable devices and, using a matrix of cyber tunnels, bored its way into devices connected to the same server or network.
“This campaign demonstrates that while cryptojacking has declined in popularity with cyber criminals since its peak at the start of 2018, it is still a focus for some of them, with enterprises now their primary target,” the introduction to the report asserts.
Graph courtesy of Symantec
Some 98 percent of infected parties are enterprise related, the report continues, mirroring 2018 trends in ransomware attacks wherein a drop in overall threats corresponded with an increase in enterprise-focused infections. These attacks, Symantec Threat Intelligence Analyst Allan Neville told Bitcoin Magazine, can “[render] some devices unusable due to high CPU usage.”
China has become the main target of this
