Cryptojacking malware is already losing its appeal to cyber
criminals as some users of the illicit cryptocurrency-mining software begin to
realise that it isn't as simple a means of making a quick buck as they first
thought.
Cryptocurrency-mining
malware is deployed to infect machines including PCs, servers, smartphones and
even Internet
of Things connected devices, in order to secretly use their processing
power to mine for cryptocurrency.
The stealthy nature of cryptojacking makes it highly
appealing for cyber criminals, who can maintain a presence on an infected
machine over a long period of time without much risk, since most users won't be
suspicious of their computer running a little slower or their fans working
harder.
Such is the popularity of cryptocurrency mining
malware, it
has overtaken ransomware as a means of cyber criminals turning a profit.
However, a little over eight months since the boom in
cryptojacking malware began, this particular form of cyber crime appears to be
losing its appeal, because
despite remaining one of the most common forms of malware, detections have
sharply declined in recent months.
Figures in the Cybercrime tactics and techniques: Q2 2018 report
by Malwarebytes suggest that detections of coinminers on consumer desktop PCs
peaked at five million in March, but dropped to around 1.5 million in June.
The pattern is similar to detections of coinmining malware
on business desktop PCs -- 100,000 detections of cryptojacking malware in
January declined to around 30,000 by June.
Interactive analyst report gives you comparison ratings,
reviews and pricing from actual software selection projects. Connect with
SelectHub to expedite your HR software search with free recommendations and
pricing based on our expert software evaluations and inside pricing knowledge.
One reason cryptocurrency mining malware is being dumped by
some criminals is because it isn't representing a good return on investment.
While it comes with the advantage of being extremely stealthy, attackers
require a large network of infected machines and the patience to wait for
months in order to generate a good profit.
"Simply compromising a few hundred sites with a web
miner alone is not going to yield very much, since those hacked sites typically
have low traffic," Jérôme Segura, security researcher at Malwarebytes told
ZDNet.
According to the report, a decline in the value of Monero
-- the
currency preferred by cryptojackers thanks to how it can be mined on almost any
connected device as well as the privacy it offers -- is partly
responsible for the declining use of this malware. Like Bitcoin, Monero surged
in value late last year, leading to the rush towards coinmining.
But in the months since, deploying cryptojacking malware
has become more difficult, as anti-virus software has become more adept at
detecting the threat.
"For a short time, criminals saw a way to profit from
malicious cryptomining that was unexpected and therefore ripe for abuse. Now
that the technique is known and fought against, this poses new challenges that
make them re-evaluate their operations," said Segura.
One danger which could emerge from the coinminer slowdown
is that attackers could move towards other, more damaging forms of
malware. Ransomware
has remained popular during 2018 and the decline of cryptojacking
could see some hackers return to demanding payments in return for decrypting
files.
Researchers point to a drop in coinmining being
particularly bad news when it comes to one threat -- the Vools
backdoor.
Currently, Vools is mainly used to deliver miners and its
spread can be aided by EternalBlue --
the SMB vulnerability behind the
WannaCry ransomware attack -- but researchers warn that the decline of
cryptojacking means that more malicious threats could be deployed using this
backdoor.
"The primary fear of Vools' capabilities is not due to
its mining component or even its use of EternalBlue, but the additional threats
that this malware can and will install on the system once cryptomining goes out
of fashion," said the Malwarebytes report.
"Based on plummeting cryptocurrency values over the
last few months, that time is going to come sooner than later."
However, in much the same fashion that the rise of
cryptocurrency mining didn't kill off malware, should cryptojacking now
continue to decline, it isn't going to disappear completely.
"The interest in cryptocurrencies is still very strong
and it is one of the reasons why malicious cryptomining is going to remain of
the top threats for some time," said Segura.
Click
here for the original article from ZD Net.