McAfee Report: Cryptocurrency Mining Malware Grew At Least 4000% Over Last Year

Kevin O'Brien

Cybersecurity firm McAfee said in a new report how the total amount of cryptocurrency “coin miner” malware has increased by over 4,000% in the past year.

In the December 2018 McAfee Labs Threats Report, the company noted a sharp rise in new coin miner malware from Q4 2017 to Q1 2018. The amount seemed to level off in Q2 but jumped starkly again from Q2 to Q3.

Techspot reported how McAfee identified a decline in the number of new ransomware families, which seemingly suggests cybercriminals are starting to switch the bulk of their focus towards cryptojacking.

Tech-Focused Malware Still On The Rise

Cybercriminals are also targeting technological devices suc as IoT-enabled cameras due to a lack of security.

The report from McAfee found that malware related to the IoT was up by 73% in the third quarter. Crypto mining malware was up 71% in Q3.

The report’s authors noted how it might not make sense for people to use “routers or IoT devices such as IP cameras or videorecorders as cryptominers” since they have weak CPUs.

However, McAfee also said that cybercriminals are still able to make money if they can control a large amount of devices, as “cryptominers will take advantage of any reliable scenario.”

The report touched on a few examples of how cybercriminals were able to exploit victims with crypto mining malware. One scenario had a malicious actor posting messages on Slack, Telegram, and Discord asking people to download certain fake software in order to alleviate crypto-related problems. This created a situation where “the users essentially infected their own devices.”

Cryptojackers Remain Effective At Targeting Companies

CryptoGlobe reported in November about a scheme where the Make-A-Wish Foundation's website was successfully targeted by cryptojackers.

Security company Trustwave was able to hone in on the attack to reveal that cybercriminals were able to exploit an old version of Drupal to inject the Coinhive mass-mining script.

The Foundation sealed off the vulnerability after being notified, but hundreds of websites have suffered the same attack pattern, according to Trustwave’s Simon Kenin.

Early last month, CryptoGlobe wrote about a Swiss report that asserted the sixth biggest attack on the nation’s crypto industry this year came from a Monero mining virus.