59% of Businesses in the UK Suffered Cryptojacking Attacks at Some Point, Survey Shows

  • A recent study found that 59% of businesses in the UK have ben hit with a cryptojakcing attack at some point.
  • These attacks see bad actors maliciously use their computer resources to mine cryptos.

According to research commissioned by Citrix and executed by OnePoll, 59% percent of large enterprises in the United Kingdom have been targeted with cryptojacking attacks.

The research, which was conducted in May 2018, focused on organizations that employed over 250 people. 750 key IT decision-makers from these companies were polled about the risks posed by cyberattacks from hackers looking to maliciously mine cryptocurrency.

The findings, made public this week, showed that 59% of respondents found crypto mining malware on their computer systems sometime in the past. The last 6 months saw up to 80% of the cases, with 30% of the businesses being attacked last month.

The study’s findings seem to be in line with a McAfee Labs report that stated cryptojacking malware cases had risen by 629% in the first quarter of 2018. On the other hand, 38% of the respondents revealed their companies have never been hit with a cryptojacking attack.

Understanding Cryptojacking

Cryptojacking refers to the use of someone else’s computer resources to maliciously mine cryptocurrencies without their knowledge. This can be done remotely by infecting the target’s devices with malware that uses its machine’s processing power to mine specific cryptocurrencies, often Monero (XMR) for its CPU-friendly mining algorithm.

Finding the attackers in cryptojacking cases is extremely difficult since the cryptos they mine are often untraceable privacy-centric coins like Monero. Since they’re using someone else’s machines, the attackers could be anywhere in the world.

The practice slows down computers for its heavy CPU resource usage. Businesses, including those completely unrelated to cryptocurrencies, have to pay attention to the practice. In some rare cases, computers were forced to overheat while mining.

How Businesses Tackle the Problem

Businesses need more than anti-malware software to tackle the cryptojacking threat, as the study’s findings revealed only 7% of cases were detected by anti-malware applications. Various respondents, 38%, detected the attacks through their network monitoring systems, while 34% did so through their co-workers.

According to the poll, while 21% of companies have no plans to combat crypto mining attacks, the majority, 67%, are aware of the threats posed by cryptojacking and have policies on it.

Various businesses detect cryptojacking attacks the same way they detect other cyber threats. Some, 41%, rely on network monitoring systems, while 24% rely on blocking crypto mining websites

Disgruntled Employee Arrested for Allegedly Stealing $700,000 from Altcoin Trading Platform

Police in Tokyo arrested two men for allegedly stealing 78 million yen in bitcoin from the altcoin trading platform CoinExchange, which shut down last year.

According to the Japan Times, the Metropolitan Police Department’s cybercrime unit arrested Yuto Onitsuka, 25, and Takuma Sasaki, 28, over computer fraud charges related to the theft. The two are suspected of stealing the BTC from CoinExchange at the end of October 2018, one year before the platform shut down.

As CryptoGlobe reported at the time, CoinExchange was trading an average of $700,000 a day across 500 trading pairs, many of which included little-known altcoins with rather low trading volumes. The platform’s management wrote:

Unfortunately it is no longer economically viable for us to continue offering market services. The costs of providing the required level of security and support now outweigh our earnings.

The Japan Times reports that Onitsuka was an employee at the Tokyo-based cryptocurrency exchange at the time, and had access to the company’s cryptocurrency wallets. Sources quoted him as saying he wanted to try and bankrupt CoinExchange as he wasn’t satisfied with the firm’s management at the time.

The report suggests Onitsuka knew Sasaki through an online bulletin board. The latter ended up getting the private keys to the cryptocurrency wallets through the disgruntled employee, and used them to move the BTC to other wallets controlled by the pair.

Some of the stolen crypto is believed to have been laundered as Sasaki’s bank account showed large sums of money. He reportedly withdrew 6 million yen, close to $55,000, which were used to travel.

Featured image via Pixabay.