Crypto mining malware ‘dominates’ cyber criminal activity, report
Just like any other industry, the crypto industry is highly vulnerable to cyberattacks in 2020, according to a Check Point Research cybersecurity report.
In 2019, no organization, regardless of its size, was exempt from cyberattacks. Cybercrime is lucrative and therefore attractive to unscrupulous individuals. Researchers estimated that cybercrime generated US$1.5 trillion in 2018.
Bitcoin is resilient because of the randomness of the data exchanges within its blockchain, and the use of sturdy encryption. Consequently, the blockchain and the data cannot be duplicated or infiltrated through malware or other malicious technology. Nonetheless, transactions occurring around the blockchain are vulnerable to cyberattacks.
For example, for 2020, the Cyber Security Report underscores the threat that cryptomining attacks pose to cloud infrastructures. Although the value of cryptocurrencies declined last year, cloud infrastructures present a massive target for malicious cryptomining campaigns.
Cryptomining malware is defined as software programs and malware components programmed to take over a computer’s resources and use them for cryptocurrency mining without a user’s permission.
Ransomware is another threat that became more sophisticated and targeted in 2019. In the first half of 2019, compared to 2018, there was a 50 percent increase in attacks by mobile banking malware. In effect, according to the report, “27% of all organizations globally were impacted by cyberattacks that involved mobile devices.”
The report describes malware that specifically exploits Bitcoin over any other cryptocurrency. For example, Glupteba includes a Command and Control address update mechanism through public Bitcoin lists. Glupteba is thus used to distribute a browser stealer or router exploiter. Cryptoloot is also used to perform online mining of Monero coins when a web page is visited, without the user’s authorization. Moreover, Danabot is a banking Trojan that targets the Windows platform and is also used to steal browser passwords and wallets.
Researchers also highlight how hackers have used Ryuk ransomware to extract large payments in Bitcoin from their victims.
The range of cyber threats is becoming more extensive and more sophisticated. Thus, the report recommends that to stay ahead of criminals and avert cyberattacks, not merely detect and remediate them, organizations need to implement a proactive battle plan and keep threat intelligence up to date.
“To prevent zero-day attacks, organizations first need incisive, real-time threat intelligence that provides up-to-minute information on the newest attack vectors and hacking techniques. Threat intelligence must cover all attack surfaces, including cloud, mobile, network, endpoint, and IoT, because these vectors are commonplace in an enterprise.”