Botnets increasingly used for crypto mining malware, Kaspersky says

Getting your Trinity Audio player ready...

Botnets are being repurposed to distribute crypto mining malware, using victim’s processing power and energy resources to mine for cryptocurrency, according to security experts at Kaspersky Labs.

The findings from cybersecurity company Kaspersky Labs identifies a growing trend towards using botnets in conjunction with crypto mining attacks, which allows hackers the opportunity to commandeer processing power from infected networks.

This processing power is then devoted to mining for cryptocurrencies, including the BTC token, which provides a source of funds for those behind the attacks.

According to the report, botnet owners are increasingly switching towards mining from other attack vectors, highlighting the profitability of this kind of attack. The research suggests that a corresponding drop in DDoS attacks could be as a result of attackers switching focus to mining over other types of malware.

“Evidence suggests that the owners of many well-known botnets have switched their attack vector toward mining. For example, the DDoS activity of the Yoyo botnet dropped dramatically, although there is no data about it being dismantled,” it noted.

The report goes on to say that the malware is often distributed alongside unlicensed, or pirated, software, explaining, “The more freely unlicensed software is distributed, the more miners there are. This is confirmed by our statistics, which indicates that miners most often land on victim computers together with pirated software.”

Kaspersky Labs has previously identified these types of attacks are being attractive for scammers, thanks to the difficulties with detection—both from law enforcement authorities, and from the victims themselves.

Running silently in the background, it is hard for victims to even identify when their system has been compromised, leading to a longer time to detection compared to other types of malware.

There was also the suggestion that some jurisdictions were more amenable to these types of attacks than others, with Kazakhstan, Vietnam and Indonesia amongst the most prominent locations for these types of attacks to originate, according to the report.

The report will serve as a reminder of the dangers of pirated software, and the type of attacks that can infect the computers of those who download software illegally.