Malicious crypto-currency mining is a bigger threat than ransomware

In 2018, malicious crypto-currency mining became a greater threat than ransomware, which has been viewed as a major scourge over the past few years.

A worldwide surge in malicious crypto-currency mining has seen the number of attacks increase by over 83%, with more than five million users attacked in the first three quarters of 2018, compared to 2.7 million over the same period the year before.

According to Kaspersky Lab, the major driver behind the crypto gold rush was the installation and use of unlicensed software and content.

“The number of Internet users attacked by malicious crypto-currency mining software increased steadily during the first half of the year, peaking in March, with around 1.2 million users a month coming under attack,” the company said.

Kaspersky’s researchers looked into the sudden rise in popularity of crypto-mining to uncover what drove the global distribution of this threat. They analysed the regulatory landscape, electricity prices in the top 10 countries targeted by crypto miners, as well as the main infection vectors for the popular malware families.

The analysis reveals that neither crypto-currency legislation nor the cost of power has a significant impact on the spread of malicious mining malware. “However, the investigation of malware families reveals that they mainly infected devices by duping users into installing pirated software and unlicensed content,” says Kaspersky.

An activity not generally perceived as dangerous: the downloading and installation of dubious software, underpins what is arguably the biggest cyber threat story of the year – malicious crypto mining.

Evgeny Lopatin, security expert at Kaspersky Lab

Evgeny Lopatin, security expert at Kaspersky Lab, says the analysis revealed that the economic background of malicious crypto mining and the reasons for its widespread presence in certain regions showed that where it was easier to distribute unlicensed software, more incidents of malicious crypto miner activity were detected.

“In short, an activity not generally perceived as dangerous: the downloading and installation of dubious software, underpins what is arguably the biggest cyber threat story of the year – malicious crypto mining,” Lopatin adds.

Kaspersky advises users to keep software updated on all devices and, to prevent miners from exploiting vulnerabilities, to use tools that can automatically detect vulnerabilities and download and install patches.