Crypto mining has become incredibly popular with cybercriminals over the past year, growing by 230 percent. It’s not hard to see why as it’s expensive in terms of machinery and energy consumption, so if you can cryptojack someone else’s machine to do it there are healthy profits to be made.
New research from Kaspersky shows that despite the ‘crypto winter’ which has seen the value of cryptocurrencies drop significantly and the cryptocurrency industry facing a liquidity crisis, criminal activity targeting the crypto industry doesn’t seem to be slowing down.
The research reveals that 215,843 new miners have appeared and taken over computers in 2022, and crypto mining can generate around $40,500 per month for cybercriminals. Most of the jump in mining has come in the third quarter with over 150,000 new miners spotted between July and September.
Monero (XMR) mining is most common among the analyzed samples (48 percent). This currency is known for its technologies that anonymize transaction data to achieve maximum privacy. This makes it impossible to identify addresses trading Monero, transaction amounts, balances, or transaction histories — all factors which are very appealing to cybercriminals.
Miners are mostly distributed through malicious files masquerading as pirated content like films, music, games and software. At the same time, un-patched vulnerabilities pose a serious challenge to users while being an appealing lure for cybercriminals who exploit them to spread miners. Kaspersky’s telemetry shows that almost every sixth vulnerability exploiting attack was accompanied by a miner infection.
“Although these are not the best days for the cryptocurrency industry, the topic of cryptocurrency has been in the spotlight throughout the year, so it’s not surprising that malicious actors would want to profit from these trends. The silver lining is that while the number of threats is rising, there are no dramatic changes in the number of users that encounter miners. That is why it is extremely important to raise awareness about the first signs that malware is being downloaded onto your computer. It is also necessary to install a reliable security solution that will prevent attacks at an early stage,” says Andrey Ivanov, a security expert at Kaspersky.
You can read more on the Kaspersky Securelist blog.