Piracy and outdated programs remain the main vector of infection
In the third quarter of 2022, Kaspersky researchers recorded more than 230% growth in detections of cryptominers, programs that mine cryptocurrencies without the victim’s consent. The number of attempted attacks (which passed the 150,000 mark) is three times higher than in the same period in 2021.
This type of threat can remain on infected equipment for months, and the profits can reach criminals up to $40,000 per month (or 2 BTC). Monera (XMR) is the most popular cryptocurrency in malicious mining.
With the start of the “crypto winter 2022”, in which the value of cryptocurrencies has dropped significantly, the sector is facing a liquidity crisis. Despite this, criminal activity targeting cryptocurrencies does not appear to be slowing down. This is the conclusion of the new Kaspersky study, The state of cryptojacking in 2022🇧🇷
An expensive process that attracts criminals
Cryptocurrency mining is a laborious and expensive process, but at the same time very profitable and this attracts the interest of cybercriminals. Malicious mining is very beneficial, as criminals do not have to pay the cost of equipment or electricity used in the process, which are the highest costs for mining these digital currencies.
Instead, they illegally install mining software on victims’ computers to use their computing without the owner’s consent.
Carrying out attacks of this type does not require a lot of technical knowledge, as it is enough to program a miner using open source or buy a miner online. Once the infection is successful, the operator will have a steady income until the scam is identified, and this can take months.
In 2022, Kaspersky experts identified a sharp increase in the number of new versions of malicious mining programs. During the first three quarters of the year, 215,843 new malware of this type were identified, more than double from last year. Notably, this growth only occurred in the third quarter, when the number of new miners reached the 150,000 level, which represents an increase of more than 230% compared to the same quarter in 2021.
Monero is the main target of scammers
The majority of illegal miner samples (48%) mine Monero (XMR) currency. It is known for its advanced technologies, which anonymize transaction data for maximum privacy.
The people who control it cannot decipher Monero trading addresses, transaction amounts, balances or transaction histories; all of these factors are extremely beneficial for cybercriminals.
Compared to the most widely used cryptocurrency in the world, Bitcoin wallets used in illicit mining have accumulated an average of around $1,500 worth of Bitcoins per month. The company’s researchers recorded an incoming transaction of 2 BTC, which equates to over $40,500 for each wallet analyzed.
As far as infection is concerned, the installation attacks of malicious miners are often disguised as pirated content such as movies, music, games and popular programs.
Exploit vulnerabilities
Another method is to exploit vulnerabilities in outdated programs, which allows them to be installed on the equipment without the owner noticing the scam. Kaspersky’s findings show that nearly a sixth of attacks exploiting vulnerabilities were accompanied by an infection by malicious miners.
In the third quarter, miners became more common than backdoors, which were the most common attacks by cybercriminals throughout the first half of 2022.
“As a security expert, I always warn against downloading pirated content and ignoring program updates. Unfortunately, I’m seeing reactions on the internet and hearing comments from acquaintances that I’m exaggerating the prediction. The increase in these attacks that take advantage of exactly these two unsafe behaviors demonstrates that my concern is well founded and based in fact. In 2018, malicious mining was the biggest threat to people and businesses that year and was already using hacking to infect its victims. Unfortunately, it’s easy to conclude that nothing has changed in four years,” says Fabio Assolini, director of Kaspersky’s Global Research and Analysis Team for Latin America.
Tips to protect yourself
To protect yourself from cryptocurrency miners, Kaspersky experts recommend:
- • Verify the authenticity of the website. Only visit sites that allow you to watch movies when you are sure they are legitimate. Before starting any download, confirm that the site is genuine by double-checking the URL format and spelling of the company name, reading reviews of the site, and checking domain registration information;
- • Use security solutions that protect your computer and other devices from unauthorized use of your computing power to generate cryptocurrency and prevent deterioration of machine performance;
- • Always keep the software up-to-date on all devices used to prevent attackers from infiltrating your network by exploiting vulnerabilities;
- • Use a security solution such as Kaspersky Endpoint Security for Business, with web and app controls to minimize the possibility of executing cryptocurrency miners.
🇧🇷🇧🇷
The best content in your email for free. Choose your favorite Terra newsletter. Click here!
Source: Terra
Camila Luna is a writer at Gossipify, where she covers the latest movies and television series. With a passion for all things entertainment, Camila brings her unique perspective to her writing and offers readers an inside look at the industry. Camila is a graduate from the University of California, Los Angeles (UCLA) with a degree in English and is also a avid movie watcher.
