Skybox Security, a world leader in cybersecurity, announced the release of its biannual report, «Vulnerabilities and threats – trends and tendencies», which States that hidden mining has become more popular with cybercriminals than extortion.
In the document, covering the period from January to June 2018, the company’s experts say that in cases of latent mining accounted for 32% of the total number of threats while on a solicitation – only 8%. A little more than six months ago the situation was completely the opposite – the total volume of hidden threats 32% were racketeering, and 7% held a hidden mining.
The company’s specialists noted that the last couple of years, cyber extortion was the most popular way of earning money from attackers. The scheme, which employed the criminals was standard: if the victim’s computer run a special malware, it is encrypted all the data on the target computers (the program was able to distribute itself over the network). To unlock had to pay a ransom in bitcoin. Usually it was given 2-3 days to the person or organization being in panic, could not determine if they have backups of the data they need. I’m sure many remember the name of the programs that made the most noise: WannaCry, NotPetya, BadRabbit.
Recently, however, protection of such programmes was seriously improved. In addition, people have learned to make backups on time and thus avoid foreclosure.
All this, and the heyday of cryptocurrency, has created fertile ground for the development of latent mining, which becomes more and more attackers, as it is a much more convenient way of earning than extortion.
«Hidden mining has allowed criminals no longer have to think about whether paid ransom or not. Getting on the victim’s device, the program will produce cryptocurrency until then, until the device breaks or it will not be replaced by software.»
The report also notes that criminals do not shun anything. FOR for covert mining is trying to infect smartphones, tablets, etc. Any device with a processor and the ability to install programs, or at least browser, can potentially produce cryptocurrency. Integration mining code hidden on the page of the website, makes this method of mining cryptocurrency is practically invisible because it does not need to infect the computer bypassing the antivirus program.
According to Symantec, in 2017 the number of cases of latent mining increased by 8500%. And according to the company Malwarebytes in the first quarter of 2018, the number of cases of latent mining has increased by 4000% in comparison with the last quarter of 2017.