Crypto Mining Attacks Soar in First Half of 2018

Malicious crypto-mining attacks jumped 956 percent from the first half of 2017 to the first half of 2018, IT security firm Trend Micro reported Wednesday.

In its latest Midyear Security Roundup, Trend Micro researchers noted that there were more than 787,000 detections of malicious cryptocurrency mining software in the first six months of 2018, up from 74,500 detections across a similar period in 2017. The cryptojacking programs detected include both legitimate mining tools being misused and dedicated malware.

The report said that researchers also discovered "47 new cryptocurrency mining malware families," meaning new groups began developing these programs this year, rather than just a few bad actors reusing the same malware.

Attackers have been increasingly looking into cryptojacking, or using businesses and other victims' computers to mine cryptocurrencies, the report said. This is a problem for businesses which now need to be aware of these potential threats.

The report explained:

"From an enterprise point of view, the presence of unauthorized cryptocurrency miners in the network is a red flag not only for the affected individual user device but also for overall network security ... The new challenge for enterprises lies in the fact that cryptocurrency miners are less visible, more silent threats, the non-detection of which is likely to induce a false sense of security."

Cryptojacking can damage hardware, resulting in shortened lifespans for businesses' computers and hurt network performance, the report added. Users' computers can also slow down, impacting their ability to use their machines as needed.

Some attackers are bypassing crypto-mining to instead hack exchanges directly, stealing large amounts of cryptocurrencies, the report said, citing this year's Coincheck and Coinsecure hacks as two examples.

"Interestingly, these trends persisted even as the value of cryptocurrency itself declined throughout the first half of the year," the report noted.

Trend Micro's report follows specific instances of cryptojacking reported by various security researchers over the year. Last month, Kaspersky announced it had discovered a new form of cryptomining malware which targeted corporate networks specifically. Another researcher found a cryptojacker which used an exploit in the Drupal content management system.

Red flag image via Shutterstock