Crypto-jacking attacks increased by 85 times in Q4 2017, says Symantec
Symantec, a cybersecurity company, have found that cryptocurrency coin miners have grown by a massive 8,500 percent in the fourth quarter of 2017 in so-called ‘crypto-jacking’ cyberattacks.
For those unfamiliar, crypto-jacking, also often referred to as drive-by mining, is the process whereby hackers and websites host sections of code that have the ability to secretly siphon off your computer processing power towards mining cryptocurrency for the offenders to make money from. Currently, crypto-jacking is on the rise and so are cryptocurrency prices.
“Cryptojacking just came out of nowhere,” said Kevin Haley, director of Symantec security response, adding that he doesn’t expect it to drop in popularity in 2018. “I think what we’re going to learn in the year to come [is] when people see the opportunity to take money, they’re going to come up with some really wild ways to do that.”
According to Symantec’s 2018 Internet Security Threat Report (ISTR), cybercriminals are now quickly turning to crypto-jacking, as it provides them a highly profitable illicit income. Coin-mining activity is strongly linked to the increase in value of many cryptocurrencies.
“Cryptojacking is a rising threat to cyber and personal security,” said Mike Fey, president and COO, Symantec. “The massive profit incentive puts people, devices and organizations at risk of unauthorized coinminers siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”
Out of all the online hack attacks that were blocked in December, nearly one quarter – or 24 percent – were considered to be cases of cryptojacking to mine the digital currencies such as Bitcoin and Monero. Symantec also reported that was a 46 percent increase in ransomware variants, with China becoming the country of origin for 21 percent of attacks using Internet of Things (IoT) devices.
Gains for cryptocurrencies like thereum, ripple and bitcoin have encouraged cyber-criminals to find alternate sources of revenue. As a result, their acquisition has led to the rapid rise of crypto-jacking, affecting both mobile and desktop systems. Also, increased availability of easy-to-use crypto mining tools that can be slotted into malware has partly contributed to the rise.
“With a low barrier of entry—only requiring a couple lines of code to operate—cyber criminals are using coinminers to steal computer processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency. While the immediate impact of coin mining is typically performance related—slowing down devices, overheating batteries and in some cases, rendering devices unusable—there are broader implications, particularly for organizations,” Symantec’s 2018 ISTR reads. Low reporting rates of these sorts of crimes are also tempting cybercriminals.
Corporate networks are at risk of shutdown, as coin miners can spread across their environment and inflate their cloud CPU usage, adding financial cost.
“Now you could be fighting for resources on your phone, computer or IoT device as attackers use them for profit,” said Haley. “People need to expand their defenses or they will pay for the price for someone else using their device.
Considering the astronomical rise in cryptocurrency values and the low reporting of cryto-jacking cases, it doesn’t seem that crypto-jacking will see a downfall so soon.