Trend Micro Security Report Says Crypto Mining Attacks Up 956% Since Q1 2017
The cryptocurrency industry is known for the lack of security in many different platforms, making it easy for some hackers to break through the barriers and steal crypto tokens and coins. Based on the latest Midyear Security Roundup from Trend Micro, the comparison between 2017 and 2018 is staggering. In fact, when comparing the numbers from Q1 of 2017 to Q1 and Q2 of 2018, the study found that the numbers had gone up 956%.
In the beginning of 2017, there were a total of 74,500 detections of hacking, theft, and/or fraud, based on the details found with cryptojacking programs. For just the first six months of 2018, the company detected over 787,000 instances of malicious activity. The program used to find this information has discovered both malware that is designed to infiltrate accounts and actual mining tools that were used maliciously.
Along with the instances of hacking and theft that Trend Micro found, they also discovered that there are “47 new cryptocurrency mining malware families.” Basically, this means that new groups have been working on programs that can infiltrate accounts even better, rather than using malware that platforms have found ways to defend themselves from.
Many attackers have been considering cryptojacking as a way to steal funds. Using networks for individuals and businesses makes it easy to collect data from multiple accounts simultaneously.
To further explain this concept, the report says,
“From an enterprise point of view, the presence of unauthorized cryptocurrency miners in the network is a red flag not only for the affected individual user device but also for overall network security … The new challenge for enterprises lies in the fact that cryptocurrency miners are less visible, more silent threats, the non-detection of which is likely to induce a false sense of security.”
When cryptojacking is used in an attack, it doesn’t just steal from the user. It damages the hardware that they are hacking, which means that the entire network is at risk from the damage. Even if the performance is slightly impacted, the ability of a business to use their machines is crucial for revenue and the daily functions of the company.
Though crypto mining is still a way to make money, individuals with a high enough skillset find that the hacking of the exchange is often more profitable. They steal as much as they can while they are in the network, which is exactly what happened to Coincheck and Coinsecure.
Referencing these events, the report notes,
“Interestingly, these trends persisted even as the value of cryptocurrency itself declined throughout the first half of the year.”
The report lists many specific occurrences and examples of businesses that have been victims of cryptojacking in the last year. Kaspersky, in an effort to curb some of these problems, found a new type of malware that was designed to go after corporate networks. In another study, the Drupal content management system was found to have exploits that a cryptojacker used to his own advantage.