In the third quarter (Q3 2022) of this year, Kaspersky researchers saw a sharp increase in crypto miner variants or an overall growth of over 230% compared to the same period last year. The popularity of cryptocurrency has skyrocketed in the past year and experienced highs and lows.
According to the cybersecurity solutions company, the number is three times more than in the third quarter of 2021 and now exceeds 150,000. Remaining hidden for months, cybercriminals use the processing power of the victim’s computer to mine cryptocurrency, with an income reaching up to $40,500 (2 BTC) per month. Monero (XMR) is the most popular cryptocurrency for malicious mining.
With the beginning of the “crypto winter of 2022,” when the value of cryptocurrencies dropped significantly, the cryptocurrency industry is facing a liquidity crisis. Despite that, criminal activity targeting the cryptocurrency industry does not seem to be slowing down, according to Kaspersky’s new research paper “The state of cryptojacking in 2022.”
Kaspersky finds Trojans targeting employee devices in PH
Password stealers target small businesses in SEA
“Cryptocurrency mining is a painstaking and costly process but very rewarding at the same time, which is why it attracts the interest of cybercriminals,” Kaspersky said.
Making money using crypto miners is profitable for cybercriminals — they don’t pay for equipment or for electricity, which will be rather expensive in 2022. After installing mining software on the victim’s computer, all the attacker needs to know is how to create a miner using open-source code or where to buy one. If the cryptomining malware is installed successfully on the victim’s computer, it provides its operator with steady earnings.
This year saw a sharp increase in the number of new modifications to malicious mining programs. During the first three quarters of 2022, expert analysis identified more than 200,000 new miners, which is more than twice as many as last year. This increase is only due to a sharp jump in the third quarter of 2022. In Q3 2022, the number of new malicious miners exceeded 150,000.
Malicious mining software
Most of the analyzed samples of malicious mining software (48%) secretly mine Monero (XMR) currency via the victim’s computer. This currency is known for its advanced technologies that anonymize transaction data to achieve maximum privacy. Those monitoring it cannot decipher addresses trading Monero, transaction amounts, balances, or transaction histories, all these factors are extremely appealing to cybercriminals.
Regarding the worlds’ most widely used cryptocurrency, Bitcoin wallets that were used in illicit mining accumulated around $1,500 on average in Bitcoin every month. The company’s researchers recorded an incoming transaction of 2 BTC, which is more than $40,500, per one analyzed wallet.
Backdoors
Most frequently, attackers distribute miners through malicious files masquerading as pirated content: films, music, games, and software. Unpatched vulnerabilities pose a serious challenge to users while being an appealing lure for cybercriminals who exploit them to spread to miners. Kaspersky’s telemetry shows that nearly every sixth vulnerability exploiting attack was accompanied by a miner infection. In Q3, miners became even more widespread than backdoors, which were the prime choice of cybercriminals throughout the first half of 2022.
To stay protected from crypto miners, Kaspersky experts also recommend:
- Check the website’s authenticity. Do not visit websites allowing you to watch a movie until you are sure that they are legitimate and start with “https.” Confirm that the website is genuine, by double-checking the format of the URL or the spelling of the company name, reading reviews about it, and checking the domain’s registration data before starting downloads
- Security solutions will protect your computer and other devices from unauthorized usage of your PC computing power to generate cryptocurrency and prevent deterioration of PC performance.
- Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.
- Use a dedicated security solution such as Kaspersky Endpoint Security for Business with application and web control to minimize the chance for cryptominers to be launched; behavior analysis helps quickly detect malicious activity, while vulnerability and patch manager protects from cryptominers that exploit vulnerabilities.