A new report issued this week by software security firm McAfee shows a stunning surge in malicious attacks on computers to mine cryptocurrency. McAfee Labs reports a 629 percent increase in coin miner malware found during the first quarter of 2018. Malware threats, the report says, were up by more than 1,100 percent.
The method, called cryptojacking, takes over a system, allowing hackers to discreetly confiscate computing power and mine cryptocurrency in the background. A system’s user can be unaware this is going on, other than noticing their computer operating slower than normal.
“Compared with well-established cybercrime activities such as data theft and ransomware, cryptojacking is simpler, more straightforward, and less risky,” wrote Steve Grobman, McAfee’s chief technology officer, in the report.
To pull it off, criminals cast a wide net with hopes of infecting millions of systems. They monetize their efforts by syphoning some of the computer’s power to mine cryptocurrencies in the background.
“This suggests that cybercriminals are warming to the prospect of monetizing infections of user systems without prompting victims to make payments,” Grobman also wrote.
He added that the covert approach is popular in other ransomware schemes. However, one difference is that cryptojacking eliminates a problem for hackers by removing the system’s user from the equation. In more traditional types of ransomware, a user might be required to pay a ransom or click through a series of pop-ups. Cryptojacking happens without warning.
Not only are consumer systems prime targets, companies with massive cloud infrastructures have been cryptojacked. Car manufacturer Tesla and popular web development app Jenkins have fallen victim. Government systems in the U.S., U.K., and Australia have been targeted too.
McAfee also reports an increase in crypto mining malware on mobile devices, noting there’s a 5 percent increase from last year that coincided with the spike in bitcoin prices.
“The Android platform continues to serve as low hanging fruit for malware authors, who eye it’s more than 2 billion users,” wrote Raj Samani, a McAfee Fellow and chief scientist. “We expect the targeting of mobile devices by cybercriminals to steadily increase in 2018 and beyond as these bad actors hone their exploitation and monetization skills.”