Kaspersky Lab’s Securelist Report Shows Crypto Mining Attacks Expected to Continue Increasing
A recent report released by Securelist—the Kaspersky Cyber Security threat department—on November 13th this year provides a detailed analysis of the increased cybersecurity threats being faced by cryptocurrency exchanges. The report has mentioned the various roles that are being played by various hacker groups, e.g., Lazarus, and has also gone ahead to predict what awaits the exchanges in the next few years.
Cryptocurrency Attack Trends For The Third Quarter Of 2018
Lazarus—the North Korean hacker group is well known for hacking and extorting cryptocurrency exchanges. Recent statistics indicate that the group stole approximately $571 million from a cryptocurrency exchange platform on the month of October alone. Many industry experts are wary that the group may continue with this trend in the coming years.
The report released by Securelist indicates that Lazarus often relies on the use of a Trojan Horse. The Trojan application is often anonymously sent to a crypto enthusiast. Once activated, the group uses the application to hack into the targeted exchange.
It is estimated that these attacks will continue to increase in the next few years as the group has successfully developed different malware applications that can be used on Linux, Mac OS, and Windows operating systems.
It is worth noting that ransomware incidents have experienced a steep decline in the past twelve months. But this is not something to celebrate about as the ransomware incidents have been replaced by ‘cryptojacking’. This is a fancy term used to describe crypto mining, which is in many cases linked to Lazarus.
The cryptojacking incidents rose to new levels in the period between 2017 and 2018. This is a period that saw close to three million incidents being reported by crypto enthusiasts all over the globe. It was a significant rise compared to the period between 2016 and 2017 which saw less than two million incidents being reported. The report notes that in the same period, crypto mining bots managed to accumulate a total of seven million dollars by the end of 2017’s second half.
Trojan Rakhni is one of the ransomware applications that are often linked to cryptojacking. The application is normally sent to unsuspecting victims in the form of a financial document attached to their emails. As soon as the victim opens the attachment, the malware goes to work and starts combing the files in search of BTC related folders.
If it comes across any such files, it encrypts them and then starts demanding for ransom. If the victim fails to pay the ransom, the application installs a mining application in the affected computer. The problem with the mining application is that it automatically starts to utilize the victim’s energy.
This report has also noted that crypto hackers are using social engineering methods to fool crypto users into parting with their digital assets. The hackers often send crypto related links to their intended victims in what is known as a phishing attack. For instance, 2018 has seen more than 100,000 phishing attempts being reported to the authorities.