Home / Archive / Cybercriminals Are Moving from Ransomware to Cryptojacking: Kaspersky Lab

Cybercriminals Are Moving from Ransomware to Cryptojacking: Kaspersky Lab

Last Updated March 4, 2021 5:09 PM
Andy Peterson
Last Updated March 4, 2021 5:09 PM

According to a report  published by Kaspersky Lab, a global cybersecurity company, there has been a significant shift from ransomware-related attacks to crypto-mining malware. The report claims that this type of attack — known as cryptojacking — has become a more profitable prospect for hackers and is the reason for the decline in ransomware attacks.

In 2017, Ransomware like WannaCry caused global havoc after spreading to several organizations including several UK National Health Service hospitals across England and Scotland. The ransomware targeted a Microsoft Windows exploit, encrypted all user files on a computer, and demanded bitcoin payments as a ransom to unlock the files. However, the report referred to them as an “isolated surge than a trend.”

“The total number of users who encountered ransomware fell by almost 30%, from 2,581,026 in 2016-2017 to 1,811,937 in 2017-2018,” the report stated. There has been a significant decline, of about 22.5%, of ransomware attacks on mobile devices.

cryptojacking monero
Many cryptojacking attacks use zombie computers to mine monero (XMR), which is anonymous and ASIC-resistant.

The report also indicated that the number of users who encountered malicious miners increased by almost 44.5% in the last year. Factors such as the simple monetizing model of mining, discreteness of mining software, and the ease of creating these miners all have contributed in making cryptojacking a more lucrative attack vector compared to ransomware.

Mobile-based mining attacks have seen a steady growth along with PC based attacks. Although PCs provide more computational power for mining the report stated that “Both percentages and absolute figures show us that mobile mining is an emerging threat, targeting developing countries.” Venezuela, Myanmar, and Nepal were among the top three countries affected by mobile-based cryptojacking attacks.

Developing countries such as India and China make up for a one-third of the market share for smartphone devices. The report also discussed browser-based mining which is carried out by executing a special script into the victim’s web page.

“The number of targeted attacks on businesses, for the purpose of installing miners, raises questions about whether mining might eventually follow in the footsteps of ransomware actors. Big money loves silence, and if miner actors attract as much attention to themselves as ransomware did, life will get complicated for them.”

In similar research, McAfee, an American cybersecurity firm, concluded that cryptojacking malware was on the rise. The report claimed that the number of crypto-mining malware attacks rose by over 600 percent in the first quarter of 2018 alone.

In a statement to the Financial Times  Steve Grobman, CTO of McAfee, stated “With the rise in the value of cryptocurrencies, market forces are driving criminals to crypto jacking and the theft of cryptocurrency.”

Images from Shutterstock