eSentire report finds 15-fold rise in crypto mining malware attacks

Getting your Trinity Audio player ready...

eSentire Threat Intelligence, a firm who monitor and respond to cyberattacks, has released its 2018 Annual Threat Report. In the report, the firm documents a 1,500 percent rise in crypto mining malware attacks over the previous year.

The report notes that the attacks come in two forms, “malware on compromised assets and in-browser mining that persists only through the browsing session.” Although a device may be infected without the user noticing, typical symptoms include “sluggish performance and reduced battery life.”

Previous to 2018, a very popular cyberattack was ransomware, where an infected device or file would get locked down by the attacker, and prompt the user with a message to pay up using a cryptocurrency, or the file would be locked or lost forever. As the eSentire report notes however, this was a very unreliable method of making money for cyber attackers, since it depended on the end users to want the file enough to cooperate and pay the ransom. In 2018, they figured out that if they can already compromise a device, why not install a coin miner and get a stable source of income.

Threat actors looking to get rich quick still had options though. More powerful servers could be flipped on the black market for an instant profit.

The popular altcoin of choice for these attacks appears to have been the privacy-centric Monero. The report notes that it was popular “for illicit activity due to its enhanced privacy and distributed mining capabilities.” Monero has not gone under the radar for these features, as it has already been on the U.S. Secret Service’s radar for being a tool in illicit activity.

As Dr. Craig Wright has noted, the cryptocurrency space needs to distance itself from the wild west of its past. Anarchists and thieves who support Monero, specifically because of the anonymity it offers, are also holding back digital currency on the whole, as it scares the public away from adoption, and encourages governments to criminalize the use of cryptocurrencies.

The biggest target of cyberattacks in 2018 were educators, the report notes. It’s unlikely that the education industry was more targeted than others, but that it simply lacked the cybersecurity and employee awareness necessary to protect itself.