According to the recent Cyber Threatscape report from Accenture Security iDefense, cybercriminals have increased their use of cryptocurrency-mining malware, and this trend is anticipated to continue in 2019 with a shift to malware that mines altcoins, most notably Monero.
But the most disturbing conclusion is that 71% of the survey respondents, mainly Chief Information Security Officers (CISOs), still say that cyber attacks are “a bit of a black box” for them and that they do “not quite know how or when they will affect” their organization.
This finding looks a little terrifying against the bigger picture. In July 2018, Skybox™ Security, a global leader in cybersecurity management, issued a report saying that in the first half of 2018 crypto mining accounted for 32% of all cyber attacks, outpacing the previous favorite, ransomware (a type of malware that blocks users from accessing their system or personal files and demands a ransom payment to restore access), which currently makes up just 8%.
And the threat is real, from Tesla’s Amazon Web Services cloud infrastructure, which was running mining malware in a well-hidden campaign back in February, to the recent arrest of 20 cryptojackers in China. The group managed to mine 15 million yuan (2.2 million dollars) worth of cryptocurrency within two years of well-organized operations.
This week alone brought several reports of malicious mining: it was finally calculated that 6,000 people were possibly affected by downloads of the game “Abstractism” from the Steam platform, and more than 200,000 people, largely in Latin America (cryptojacking researcher Troy Mursch is still counting), were attacked as a result of a Coinhive cryptojacking campaign targeting MikroTik routers. As the cybersecurity company McAfee® noted on its blog, the attack “has the potential to start spreading all over the world, given there are 1.7 million MikroTik routers all over.”
Can anyone be safe when even 71% of information security executives are puzzled? Here are some security tips:
Ben Ball from BlueCat, an enterprise DNS company, believes that “all cryptojacking attempts do have one thing in common: they have to communicate out.” Therefore, in his opinion, DNS may be the most reliable way to detect and eliminate cryptojacking at an enterprise level.
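To illustrate the DNS-based detection idea above, here is an added example (not from BlueCat or any vendor mentioned in this article) that scans resolver query logs for lookups of known mining domains and groups the hits by client. The blocklist domains, the four-field log format and the sample lines are all constructed assumptions.

```python
from collections import defaultdict

# Constructed blocklist (assumption); a real deployment would load a
# maintained feed of mining-pool and in-browser-miner domains.
MINING_DOMAINS = {"miner-pool.example", "webminer.example"}

# Constructed resolver log lines: "<timestamp> <client-ip> <qname> <qtype>"
SAMPLE_LOG = """\
2018-08-03T10:00:01Z 10.0.0.15 www.intranet.example. A
2018-08-03T10:00:02Z 10.0.0.15 ws01.webminer.example. A
2018-08-03T10:00:05Z 10.0.0.22 XMR.Miner-Pool.Example A
2018-08-03T10:00:07Z 10.0.0.22 notwebminer.example. A
2018-08-03T10:00:09Z 10.0.0.22 xmr.miner-pool.example. AAAA
malformed line
"""

def normalize(qname):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return qname.rstrip(".").lower()

def matches_blocklist(qname, blocklist=MINING_DOMAINS):
    """Return the blocklisted domain that qname equals or sits under, else None."""
    labels = normalize(qname).split(".")
    # Test the full name and each parent domain, so matching happens on
    # label boundaries and "notwebminer.example" does not match.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None

def find_mining_lookups(log_text, blocklist=MINING_DOMAINS):
    """Map each client IP to {blocklisted domain: number of lookups}."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:  # skip lines that do not fit the assumed format
            continue
        _, client, qname, _ = fields
        matched = matches_blocklist(qname, blocklist)
        if matched:
            hits[client][matched] += 1
    return {client: dict(domains) for client, domains in hits.items()}

if __name__ == "__main__":
    for client, domains in find_mining_lookups(SAMPLE_LOG).items():
        print(client, domains)
```

Clients that show up in the result are candidates for investigation, and the same blocklist can be enforced at the resolver so the lookups fail instead of only being logged.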
Gary Davis, Chief Consumer Security Evangelist at McAfee®, recommends checking online notices. “When made aware of vulnerabilities, manufacturers will notify the public, as well as make them aware of incoming fixes.” In addition, he suggests that you “secure your home’s internet at the source.”
Furthermore, you can consider using simple tools like the Qualys BrowserCheck CoinBlocker Chrome Extension, recently released by Qualys Malware Research Labs. It protects users from active cryptojacking campaigns.
And, well, let’s thank Google for blocking mining apps from Google Play Store earlier in July. They are just trying to look after us.