Over the past year, the rapid increase in cryptocurrency values has led to cyber criminals trying to cash in on this highly profitable revenue stream. By distributing their coinminers through their botnets, they get access to vast computing power with its victims paying the computing cost.
According to Symantec, these coinmining attacks known as cryptojacking have increased by 8,500 percent in 2017, based on its endpoint detections. The once thriving ransomware market has become overcrowded, leading to cyber criminals adding the much more profitable coin miners to their toolkit.
Crytojacking targets everything from limited cloud-connected consumer electronics to giant data centres. These include smartphones, home and business PCs, IoT devices and even Macs. Symantec claims to have detected an 80% increase in coin mining attacks targeting the Mac OS. With the help of browser-based attacks such as rogue ads, coining can take place without downloading malware.
For consumers, this parastic CPU usage can lead to devices slowing down, rapid battery depletion and expensive electric bills. Larger organisations face hefty CPU usage costs, such as hitting “pay as you use” cloud computing services. Corporate networks also become less productive due to the coin mining malware starving server applications of CPU resources.
Despite the limited computing power of IoT devices, the lack of updates for discontinued products has led to a 600% increase in IoT attacks in 2017, according to Symantec. The number of mobile malware variants has also risen by 54% for a similar reason. Just 20% of Android devices run the newest version and just 2.3% with the latest minor release.
In 2017, symantec claims that 71% of targeted attacks began with classic spear phishing and just 27% involve zero-day vulnerabilities. Another growing method of malware distribution involves compromising the software supply chain, with a 200% increase in attacks in 2017 such as the Petya malware.
Further details can be found in the source press release.