Cryptojacking: the new threat that’s worrying cybersecurity experts

#Security 12.11.2018 2min Last update : 10.25.2020

2017 was a year dominated by the growing power of ransomware. Who can forget the Wannacry cyberattack, affecting hundreds of thousands of devices around the world? But this year, a new threat has been gaining ground, and it’s called cryptojacking. Thousands of people are already reported to have fallen victim to the attack, which mines your cryptocurrency without you knowing.

This new method developed by cybercriminals uses a server, a cloud server, a computer, or a smartphone to create a virtual currency. In June 2018, IT security firm Check Point ranked cryptojacking as the top threat for the month of May.

8500% rise in attacks in 2017

Cryptocurrency mining attacks grew by 8500% in 2017, according to Symantec. The security specialist firm recorded 1.7 million attacks in December of that year alone. “With a low barrier of entry – only requiring a couple lines of code to operate – cyber criminals are harnessing stolen processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency,” Symantec explained in a recent report.

Cryptojacking offers a major advantage over more established malware attacks. The mining process is run in the background, without mobilizing all the resources of the infected device. “For enterprise organizations, coinminers can put corporate networks at risk of shutdown and inflate cloud CPU usage, adding cost,” Symantec stated.

Users generally have no idea that a cryptojacking attack has occurred. With a conventional ransomware attack, the computer is held hostage and there is a real risk of data being lost. The malware encrypts the data, so it cannot be used unless a ransom is paid. But now, demanding a ransom isn’t the only way of stealing cryptocurrency.

Huge potential

With more than 1,500 cryptocurrencies available on more than 10,000 marketplaces – worth a total of around USD 300 billion – the potential is massive. Within just a few months, cryptojacking has become a firm favorite among cybercriminals the world over.

According to a report from the Cyber Threat Alliance, this type of threat grew by 459% in 2018. One type of cryptojacking mining attack, Somominru, is reported to have stolen more than USD 2 million in February alone. “Cryptocurrency miners may be the new kid on the block, but they’re taking over. With high-profit opportunity and a low chance of being discovered or stopped, this malware tool provides a money-making safe haven for cybercriminals,” say experts at Skybox Security. The sudden popularity of cryptomining software can be explained by the fact that attacks are undetectable.

Many IT security specialists believe this type of attack needs to be taken very seriously indeed. Diverting processing power on infected devices to create cryptocurrency isn’t the only thing that the malware does. “What we’re finding out is that this particular malware also has other nefarious activities that it does while it’s mining for cryptocurrency,” Anthony Giandomenico, senior security researcher at Fortinet’s FortiGuard Labs told ZDNet.

A gateway to other attacks

Cybersecurity experts say that cryptojacking is just one of the many tricks up hackers’ sleeves. The program can then be exploited to spread other malware. “It will disable your antivirus, open up different ports to reach out to command and control infrastructure, and it can download other malware. Basically, it’s reducing or limiting your security shields, opening you up to lots more different types of attacks,” Giandomenico explained.

This practice has already been detected by IT security specialists. For businesses, they run the risk of having to deal with the consequences of a data breach. Since the GDPR came into force, breaches can be very expensive for them indeed.