Global cybersecurity solutions provider Trend Micro Incorporated said in a new study that this year, cryptojacking attempts are making the most significant impact ever. In its Midyear Security Roundup 2018, the company said it recorded a 96 percent increase in cryptocurrency mining detections in the first half 2018 compared to all of 2017 and a 956% increase in detections versus 1H 2017.
“This indicates cybercriminals are shifting away from the quick payout of ransomware in favor of the slower, behind-the-scenes approach of stealing computing power to mine digital currency,” the report said.
The study also showed cybercriminals are veering away from attention-grabbing ransomware attacks to more clandestine methods but with the same intention of stealing money and precious computing resources.
"The recent change in the threat landscape mirrors what we've seen for years – cybercriminals will constantly shift their tools, tactics, and procedures (TTPs) to improve their infection rates," said Trend Micro director of global threat communication Jon Clay. “Standard spray and pray ransomware attacks and data breaches had become the norm, so attackers changed their tactics to be more covert, using entry vectors not previously seen or used extensively. This means once again, business leaders must evaluate their defenses to ensure sufficient protection is in place to stop the latest and most pressing threats.”
According to the research, it also detected a significant number of new cryptocurrency miner malware families, showing that cybercriminals remained keenly interested in profiting from digital currencies.
It added that a network infected with unwanted cryptocurrency miners could slow down performance, consume power, and gradually wear down hardware. These problems are multiplied in an enterprise environment, the researchers noted.
The company advised IT administrators to keep an eye out for unusual network activity considering the stealthy but significant impact cryptocurrency mining can have on a system.
“Though its prevalence in the cybersecurity landscape has plateaued, ransomware is still something that enterprises should be vigilant against,” the study said.
An independent report by iDefense, a company owned by Accenture, found that Iranian-backed hackers have boosted their cryptojacking and ransomware capabilities as geopolitical tension sizzles between the US and Iran.
“The increased repurposing of popular malware by Iranian actors could lead to the use of ransomware for destructive purposes by state-sponsored organizations," the report noted.