Business Cyber Attacks Escalate While Cryptojacking Drops 26% In Q3 2018 - Malwarebytes

David Hundeyin
  • Data from cybersecurity company reveals 55% spike in data theft and ransomware deployment targeted at businesses
  • Report also shows that cryptojacking has fallen 26% due to the persistent bitcoin bear market which makes mining less profitable

Cybersecurity firm Malwarebytes has revealed that cybercriminals are modifying their tactics in favour of targeting businesses over individuals, which comes alongside a 26 percent fall in recorded cryptojacking incidents in Q3 2018.

In its quarterly ‘Cybercrime Tactics and Techniques’ report, the firm provides insights showing that cybercriminals appear to be paying more attention to big business and their treasure trove of priceless data rather than spending time and effort on individuals.

Report Overview

The report showed a 55 percent rise in criminal online activity targeted at businesses, a hefty increase over Q2 2018. To put that figure in proper context, such detections only increased by 4 percent for individual consumers.

When placed side by side, businesses and consumers showed a 5 percent increase in detections from Q2 to Q3, which may be attributed to the growing popularity of data-theft malware strains called “Emotet” and “LokiBot” which target bank services and steal valuable information.

Summarising its impression of the Q3 2018 cybersecurity threat space the report states:

After a sleepy first two quarters, cybercriminals shook out the cobwebs and revved up their engines in Q3 2018. With cryptominers and exploit kits maturing, ransomware ramping up with steady, sophisticated attacks, and banking Trojans experiencing a renaissance, we’re having one heck of a season. Attack vectors were at their most creative—and most difficult to remediate—especially for businesses

Fewer Cryptojacking Incidents Recorded

The report contains some positive news regarding the menace of cryptojacking, with the data showing that the number of cryptojacking incidents recorded a hefty 26 percent fall as bitcoin took a substantial hit in the market. For cybercriminals, this effectively made unauthorised cryptocurrency mining a less profitable activity compared to data theft and ransomware attacks.

This is in line with an earlier situation in October 2017 when cryptojacking skyrocketed as the price of bitcoin embarked on its record breaking bull run, only to fall considerably after the bitcoin price peaked and started falling.

Malwarebytes also revealed that malicious mining still remains very easy to detect and block. According to the report, it is in fact the case that “staying safe from miners has never been easier.”

An excerpt from the report reads:

As a result of a year-long onslaught of [cryptocurrency] mining, many vendors now specifically target mining software as potentially malicious. Consumers should be less worried about getting infected with miners and more concerned with banking trojans and spyware.

P2P Token Trading Platform AirSwap Discloses ‘Critical Vulnerability’

  • Peer-to-peer trading platform AirSwap claims to have identified a "critical vulnerability" in one of its smart contracts. 
  • Ten addresses have been identified so far as being at risk of exploitation. 

Peer-to-peer token trading network AirSwap has disclosed a “critical vulnerability” in a newly released smart contract. 

AirSwap's Critical Vulnerability

According to the disclosure, which was published on Sept. 13, AirSwap’s internal security team identified a potential exploit in a newly released mainnet smart contract. The vulnerability would allow an attacker to “perform a swap without requiring a signature from a counterparty.” 

AirSwap claims that the offending code was only present for twenty-four hours on the network before being identified and removed. However, users of AirSwap Instant between Sept. 11 and Sept. 12 may have been affected by the vulnerability, with the report claiming that 10 accounts have been recognized so far as being at risk. 

AirSwap has published the addresses to the vulnerable accounts, telling all other users that no further action is required. The report also outlines the step-by-step actions taken by the exchange in the aftermath of discovering the vulnerability, including an apology to its client base, 

We would like to deeply apologize to our affected users for any inconvenience these vulnerabilities may have caused, and hope that the important lessons we continue to learn throughout these processes form the basis for a more open, secure, and efficient trading environment.

Featured Image Credit: Photo via