Hackers are turning their attention to crypto-jacking as a profitable way to make money illegally, according to a new online security alert.
Crypto-jacking is taking over from ransomware as the hacker’s tool of choice, says Kaspersky Labs.
Crypto-jacking is when a hacker dumps malicious code on ‘zombie’ smartphones or computers belonging to unsuspecting users to access their machines to mine cryptocurrency without their knowledge.
The reward is miners can collect cryptocurrency worth thousands of pounds for unlocking new coins or tokens – worth around £22,000 for Bitcoin, for example.
Miners reported a 44.5% increase in crypto-jacking attacks in 2017.
The number of targeted attacks on businesses, for installing miners, raises questions about whether mining might eventually follow in the footsteps of ransomware actors. Big money loves silence, and if miner actors attract as much attention to themselves as ransomware did, life will get complicated for them,” said the report.
Ransomware attacks plunged by 30% in 2017, even though the WannaCry attack on Britain’s national health service and other government organisations grabbed the headlines.
The hackers accessed networks through an exploit in Microsoft Windows and demanded Bitcoin ransoms to unlock hard drives.
But the number of attacks dropped from 2.6 million in 2016 to 1.8 million in 2017.
Cyber-jacking is less risky crime
“Ransomware is not an unfamiliar threat. For the last few years it has been affecting the world of cybersecurity, infecting and blocking access to various devices or files and requiring users to pay a ransom, usually in Bitcoins or another widely used e-currency, if they want to regain access to their files and devices,” says the Kaspersky report.
“Ransomware is rapidly vanishing, and that cryptocurrency mining is starting to take its place.”
McAfee, another online security firm, confirmed the Kaspersky findings, saying crypto-jacking reports had increased by 600% in the first quarter of 2018.
“The suggestion is that cybercriminals are warming to the prospect of monetizing infections of user systems without prompting victims to make payments, as is the case with popular ransomware schemes. Compared with well-established cybercrime activities such as data theft and ransomware, cryptojacking is simpler, more straightforward, and less risky,” said the McAfee report.