- Cryptojacking attacks more than doubled in 2018
- Most individuals and organization don’t give a thought about cryptojacking
- Threats are likely to keep on increasing
The theft of CPU power to mine cryptocurrencies, also known as cryptojacking is giving ransomware a run for its money in affecting businesses, consumer systems and governments. Besides tricking users to download scripts the end up using their computers to stealthily perform complex mathematical calculations required for mining, there are some alarming other threats to watch out for.
ZDNet reports that the year 2018 has seen a large number of cryptocurrency mining malware attacks. However, for most PC users it’s business as usual even though it comes with more damaging attacks than your regular Trojans and ransomware. No PC user should stay complacent about the malware that hijacks your computer’s processing power and infects your machine to mine cryptocurrencies on behalf of the attacker.
According to a report by the security firm Fortinet, once the attacker gets a foothold in your PC they have a free hand to deliver more damaging malware. The report notes that most individuals and organization don’t give a thought about cryptojacking hence the heightened risk. Anthony Giandomenico, a senior security researcher at Fortinet’s FortiGuard Labs says:
“What we’re finding out is that this malware also has other nefarious activities that it does while it’s mining for cryptocurrency, […] it will disable your antivirus, open up different ports to reach out to command-and-control infrastructure, it can download other malware. Basically, it’s reducing or limiting your security shields, opening you up to lots more different types of attacks.”
The reason the threat is significant is that cryptojacking is a relatively new kind of risk that appeared for the first time in FortiGuard Labs Q4 report in 2017 and had affected 13 percent of organizations and doubling to 28 percent in Q1 2018.
Wide spectrum of threats
Giandomenico says the concerns about this problem is that cryptojacking goes beyond the stolen CPU cycle and opens the gate to more malware that affects machines and networks. He adds:
“Larger IoT botnets are now carrying this cryptojacking malware and installing them on [internet-of-things] devices, and even IoT that are found in the home.”
Cryptojacking is becoming more sophisticated, using file-less malware techniques that aren’t easy to detect with standard defense tools. By using the file-less tools the bad guys will automatically inject the malware into a PC’s memory making it more difficult for anti-malware to detect it and for forensic investigators to locate it. According to Fortinet, the threat is likely to become larger as attackers up their game and constantly monitoring your PC is highly recommended.