Malwarebytes' Cybercrime Q2 2018 Report: Cryptojacking is Plateauing in Response to Markets

Published at: July 18, 2018

Interest in cryptojacking is potentially waning among cybercriminals in response to lower cryptocurrency market valuations, according to a report from MalwareBytes Labs released July 17.

Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge.

The data and analysis laid out in Malwarebytes Labs’ “Cybercrime Tactics and Techniques: Q2 2018” report shows that while cryptojacking remains popular, decreases in detections of the activity across the board suggest that the trend may be beginning to decline:

“We are not certain which [cybercrime] threat is going to take over as the top detection next quarter, but it’s unlikely to be cryptominers.”

The report proposes that the activity is receding from the cyberthreat landscape due to criminals’ disappointing revenue returns, adding that it expects cryptojacking to “stabilize” in correlation with market trends in cryptocurrency.

The recent decline is predominantly among consumer targets, with Windows cryptomining malware detections dropping in Q2, despite “rating highly on overall detections for the quarter.”

According to the report, after a massive spike at the end of Q1 2018, malicious Android cryptominers have also seen an abrupt decline, with a 16 percent drop in mobile miners from April to May. Despite this dip, there were still 244% more malware miner detections in Q2 than in Q1, and the report suggests the Android landscape in particular could potentially see a future increase.

The report claims that enterprises at present remain more vulnerable to cryptojacking. Data for cryptojacking targeting businesses has fluctuated “every month since the crypto craze began,” with each 2018 quarter showing “some form of spike in detections, the first being in January and the second in May.”

The report notes that cryptojacking strategies are nonetheless diversifying. While Coinhive-related activity continues to be detected at high volumes, other in-browser programs such as ‘Cryptoloot’ are becoming more popular, and attackers are increasingly “leveraging open source web mining code and adapting it to their needs.” Malwarebytes Labs’ suggestion that cryptojacking was at its highest in Q1 2018 is echoed by a recent report published by McAfee Labs, which showed a staggering 629 percent rise in the activity in Q1 2018 over the preceding quarter. McAfee focused specifically on so-called coin miner malware, which works by using the Coinhive code.

Tags
Related Posts
Researchers Detect Ambitious Bitcoin Mining Malware Campaign Targeting 1,000s Daily
Cybersecurity researchers have identified a persistent and ambitious campaign that targets thousands of Docker servers daily with a Bitcoin (BTC) miner. In a report published on April 3, Aqua Security issued a threat alert over the attack, which has ostensibly “been going on for months, with thousands of attempts taking place nearly on a daily basis.” The researchers warn: “These are the highest numbers we’ve seen in some time, far exceeding what we have witnessed to date.” Such scope and ambition indicate that the illicit Bitcoin mining campaign is unlikely to be “an improvised endeavor,” as the actors behind it …
Technology / April 6, 2020
Consumer-Targeted Cryptojacking Is ‘Essentially Extinct’: Research
Illicit crypto mining — or cryptojacking — against consumers “is essentially extinct,” declares a report released by cybersecurity company MalwareBytes on April 23. Per the report, after in-browser mining service CoinHive shut down in early March — when the team claimed that the project had become economically inviable — cryptojacking against consumers has sharply decreased. At the same time, the number of such attacks targeting businesses increased from the last quarter. Furthermore, MalwareBytes also notes that bitcoin (BTC) holders who use Electrum wallets on a Mac have lost over $2.3 million in stolen coins to a Trojanized version of the …
Bitcoin / April 27, 2019
'Infect and Collect': Cryptojacking Up 629% in Q1 2018, Says McAfee Report
Cryptojacking malware activity rose a staggering 629 percent in the first quarter of 2018, according to a new report published by cyber security firm McAfee Labs June 27. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. The McAfee Labs Threats Report for June detected over 2.9 million known samples of coin miner malware in Q1 2018 – a 629 percent rise from around 400,000 samples the previous quarter. As per the report: “This suggests that cybercriminals are warming to the prospect of monetizing infections of user systems without …
Altcoin / June 29, 2018
Botnet Exploits SQL Servers to Install Crypto Mining App
Recent reports revealed that a group of hackers behind the Kingminer botnet targeted vulnerable Microsoft SQL server databases to mine cryptocurrencies at some point in the second week of June. According to the cybersecurity firm Sophos, the attackers used the botnet, active since 2018, to exploit the BlueKeep and EternalBlue vulnerabilities, by also accessing through a trojan known as Gh0st, which relies on a remote access malware. Once the SQL server database is infected, the botnet installs a well-known crypto miner software called XMRig, which mines Monero (XMR). There are no details as of press time regarding how many systems …
Altcoin / June 10, 2020
Mining Malware Continues To Dominate Cybersecurity Threats By Seeking Out New Vulnerabilities
Mining malware may now be painfully familiar to anyone with even a passing awareness of cryptocurrency, but so far businesses and consumers alike are failing to significantly curb its growing threat. On May 14, Israeli cybersecurity firm Check Point released its latest Global Threat Index, and for the fifth consecutive month it found that the Coinhive crypto-miner is the "most prevalent malware" in the world, affecting 16 percent of organizations globally. Meanwhile, Santa Clara-based Malwarebytes released its Cybercrime tactics and techniques: Q1 2018 report on April 9, finding that businesses had seen a 27 percent increase in mining malware in …
Altcoin / May 24, 2018