It’s open season for hackers. According to a new report released by cybersecurity firm McAfee Labs on 27th of June, cryptojacking cases have risen sharply. The rise was measured at almost 629% in the first quarter of 2018.
The McAfee Labs Threat Report was published on 27th of June. McAfee Labs detected over three million known samples of coin miner malware in the first quarter of 2018. Around the same time the previous year, the number hovered around 400,000 samples. The rise is staggering compared with earlier years. The report assessed the number of malware attacks from January to March of 2018.
The report stated, “This suggests that cybercriminals are warming to the prospect of monetizing infections of user systems without prompting victims to make payments, as is the case with popular ransomware schemes. Compared with well-established cybercrime activities such as data theft and ransomware, cryptojacking is simpler, more straightforward, and less risky”.
Multivariate Goals
The report illuminated the motive behind the attacks and how they can pose a significant threat to nation states. It said, “The goal of the perpetrators is to monetize their criminal activity by expending the least amount of effort, using the fewest middlemen, and executing their crimes in the shortest time possible and with the least risk of discovery.”
According to the report, these campaigns were driven by multivariate goals. The majority of these attacks are good old profit-motivated cybercrime. However, there certainly is a significant element of political subversion in the mix. These acts range from surveillance to espionage in many cases.
The report is game-changing as it clearly identifies the mingling of cybercrime with cryptocurrencies. We have earlier noted the US Congress and other bodies discussing the association of criminal activities with cryptocurrencies.
However, their focus was much more on traditional drug and sex trafficking. Only the Senate Committee looked into its cyber aspects, and even that was convoluted by its emphasis on the Russian threat.
Cryptocurrencies and Cyber Threat
The McAfee report clearly says that cryptocurrencies continued to shape the cyber threat landscape in the first quarter. This is where cryptojacking is becoming a much larger game. Cryptojacking is the infection of a user's system in order to steal its processing power.
The purpose is to hijack the system without the user's knowledge and then use it to mine cryptocurrencies. The report asserted that cryptojacking is much easier than well-established cybercrime activities. It can be done with far less hassle than data theft and ransomware.
According to it, “cryptojacking is simpler, more straightforward, and less risky. All criminals must do is infect millions of systems and start monetizing the attack by mining for cryptocurrencies on victims’ systems. There are no middlemen, there are no fraud schemes, and there are no victims who need to be prompted to pay and who, potentially, may back up their systems in advance and refuse to pay.”
The report says that by infecting millions of systems, criminals now have the ability to monetize these attacks by dropping mining malware onto vulnerable systems. This malware is autonomous and requires minimal effort. It runs the least risk of discovery, as users themselves rarely notice it. The development of the malware showed remarkable technical agility and innovation on the attackers' part.
Rising Threat
The rise in cryptojacking is a familiar concern in every part of the world. It was revealed some time ago that almost 5% of the entire Monero [XMR] in circulation is mined via cryptojacking. This report sank the already suspicious image of Monero, given its better privacy features. The Secret Service wants Congress to ban Monero now.
A cyber maintenance firm in China teamed up with some hackers and infected almost 30,000 systems all across China. It was discovered later only because the internet speeds in cyber cafes were abysmal despite all their efforts.
The Japanese are also fighting cryptojacking. In fact, Japan became the first nation in the world to arrest sixteen individuals explicitly on the grounds of cryptojacking. The case is of a criminal nature and thus has wider implications for the Japanese crypto and cyber community.
Lazarus
There are various outfits behind these attacks. The major one is called Lazarus. According to the report, “The Lazarus cybercrime ring has reared its head again, launching a new, highly sophisticated Bitcoin-stealing phishing campaign—HaoBao—which targets global financial organizations and Bitcoin users. When recipients open malicious attachments, an implant scans for Bitcoin activity and establishes an implant for persistent data gathering. These techniques bear a strong similarity to other attacks that are believed to have been perpetrated by Lazarus”.