Instances of cryptojacking malware have jumped more than 400 percent since last year, a new report finds.
A collaborative group of cybersecurity researchers called the Cyber Threat Alliance (CTA) published the report Wednesday, detailing the various repercussions of cryptojacking – the illicit practice of hijacking a user's computer to mine cryptocurrencies.
Most notably, CTA points out in the research that the number of instances of illicit mining malware found has sharply spiked in the months from the close of 2017 to the end of July 2018.
The report states:
"Combined data from several CTA members shows a 459 percent increase in illicit cryptocurrency mining malware detections since 2017, and recent quarterly trend reports from CTA members show that this rapid growth shows no signs of slowing down."
In the key findings document, the alliance points to a particular exploit that has been plaguing the security world for over a year, EternalBlue, as one of the leading causes.
EternalBlue is the infamous NSA exploit that was used in the WannaCry ransomware and NotPetya attacks.
The CTA's analysis explains that a number of Windows operating systems remain vulnerable to the bug, despite a patch released by Microsoft. As such, these systems run a vulnerable network file sharing protocol dubbed SMB1.
Malicious actors target these susceptible machines for their processing power, which even simple cryptojacking software can hijack.
In fact, these actors have even begun repurposing existing software to specifically mine cryptocurrencies, the report said, explaining:
"Researchers noted in February 2018 that the BlackRuby Ransomware family began 'double dipping' by adding the open-source XMRig software to their tools to mine Monero. The VenusLocker Ransomware family completely shifted gears, dropping ransomware for Monero mining. The Mirai botnet, notable for its 2016 DDoS attack that used IoT devices to impact substantial portions of U.S. internet services, has since been repurposed into an IoT-mining botnet."
Further, by decreasing the mining rate, the malware can easily and cheaply be scaled across a network in large organizations and persist on the host computer for a longer time, resulting in a larger pay-out.
Palo Alto Networks, one of the partners in the alliance, found that Coinhive dominates in terms of software used by malicious actors, with some 23,000 websites containing Coinhive source code.
Moreover, the group of security firms has noticed that malicious actors are shifting their focus from traditional systems and personal computers to Internet-of-Things devices like smart TVs.
The CTA also stressed that the presence of cryptojacking malware may just be an indicator of how insecure a system is, saying, "if miners can gain access to use the processing power of your networks, then you can be assured that more sophisticated actors may already have access."
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.