Cryptomining malware surges


By Dylan Bushell-Embling
Wednesday, 26 September, 2018


Cryptomining malware surges

Use of cryptocurrency mining malware surged over the past two quarters as cybercriminals acted to diversify their arsenals, according to a new report from McAfee Labs.

The company’'s latest Threat Report found that cryptomining malware samples grew 86% during the second quarter, after surging 629% during the previous quarter.

More than 2.5 million new samples were detected during the second quarter, and this includes samples that appear to be older malware such as ransomware that has been retooled with cryptomining capabilities, the report states.

While cryptomining malware primarily targets PCs, an increasingly wide range of devices has fallen into the criminals’ crosshairs, including Android smartphones, according to McAfee Advanced Threat Research Lead Scientist Christiaan Beek.

“A few years ago, we wouldn’t think of internet routers, video-recording devices and other Internet of Things devices as platforms for cryptomining because their CPU speeds were too insufficient to support such productivity,” he said.

“Today, the tremendous volume of such devices online and their propensity for weak passwords present a very attractive platform for this activity. If I were a cybercriminal who owns a botnet of 100,000 such IoT devices, it would cost me next to nothing financially to produce enough cryptocurrency to create a new, profitable revenue stream.”

Meanwhile, the total number of ransomware samples has grown 57% over the past four quarters, while new mobile malware samples increased for the second successive quarter in Q2 with a 27% growth.

Other trends in the threat landscape include a 151% rise in the number of samples designed to exploit software vulnerabilities, a new billing fraud campaign of at least 15 apps on Google Play, as well as increasing prevalence of malware exploiting JavaScript and the PowerShell command line language.

Image credit: ©stock.adobe.com/au/raccoondaydream

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related Articles

The AI regulation debate in Australia: navigating risks and rewards

To remain competitive in the world economy, Australia needs to find a way to safely use AI systems.

Strategies for navigating Java vulnerabilities

Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...

Not all cyber risk is created equal

The key to mitigating cyber exposure lies in preventing breaches before they happen.


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd