In the third quarter of this year (Q3 2022), Kaspersky researchers found a sharp increase in variants of cryptocurrency miners, or an overall growth of over 230% compared to the same period last year. confirmed. The popularity of cryptocurrencies has skyrocketed and experienced its ups and downs over the past year.
That number has tripled since the third quarter of 2021 and now stands at over 150,000, according to the cybersecurity solutions company. Cybercriminals can stay hidden for months and use the processing power of the victim’s computer to mine cryptocurrency, earning up to $40,500 (2 BTC) per month. Monero (XMR) is the most popular cryptocurrency for malicious mining.
The cryptocurrency industry is facing a liquidity crisis with the onset of “Crypto Winter 2022” when the value of cryptocurrencies has dropped significantly. Nevertheless, according to Kaspersky’s new research paper, “The state of cryptojacking in 2022,” criminal activity targeting the cryptocurrency industry appears to be unabated.
“Cryptocurrency mining is a laborious and expensive process, but at the same time it is very rewarding, which is why it is of interest to cybercriminals,” said Kaspersky.
Making money using cryptocurrency miners is profitable for cybercriminals. Cybercriminals don’t have to pay equipment and electricity bills that will be significantly higher in 2022. After installing her mining software on a victim’s computer, all an attacker needs to know is how to create a miner. Whether to use open source code or where to buy. If the cryptomining malware is successfully installed on the victim’s computer, the operator can earn a steady income.
This year saw a sharp increase in the number of new changes to malicious mining programs. During his first three quarters of 2022, expert analysis identified over 200,000 new miners. That’s more than double what he did last year. This increase is due to a sharp increase in Q3 2022. In Q3 2022, the number of new malicious miners exceeded 150,000.
malicious mining software
Most of the malicious mining software samples analyzed (48%) secretly mined Monero (XMR) currency via victim computers. The currency is known for its advanced technology that anonymizes transaction data for maximum privacy. Those monitoring it cannot decipher your Monero transaction addresses, transaction amounts, balances, or transaction history. All these factors are very attractive to cybercriminals.
When it comes to the world’s most widely used cryptocurrency, bitcoin wallets used for illegal mining averaged about $1,500 of bitcoin each month. A researcher at the company said he recorded an incoming transaction of 2 BTC (over $40,500) for each wallet analyzed.
In most cases, attackers distribute miners through malicious files disguised as pirated content (movies, music, games, software). Unpatched vulnerabilities pose serious problems for users, but they are also attractive lures for cybercriminals who exploit them to spread to miners. According to Kaspersky telemetry, he had a minor infection in almost one in six attacks that exploited the vulnerability. In Q3, miners became more prevalent than backdoors, which remained the main choice for cybercriminals throughout the first half of 2022.
To stay protected from cryptocurrency miners, Kaspersky experts also recommend:
- Check the credibility of the website. Do not visit any website where you can watch movies until you are sure it is legitimate and starts with “https”. Double-check the format of the URL or the spelling of the company name, read reviews about it, and check the domain’s registration data to make sure the website is genuine before you start the download.
- Security solutions protect your computer and other devices from unauthorized use of your PC’s computing power to generate cryptocurrency and prevent your PC from slowing down.
- Keep your software up to date on all the devices you use to prevent attackers from exploiting vulnerabilities to get into your network.
- Minimize the chances of cryptominers being launched by using a dedicated security solution such as Kaspersky Endpoint Security for Business with Application and Web Control. Vulnerability and patch managers protect against cryptominers exploiting vulnerabilities, while behavioral analysis helps detect malicious activity quickly.