An increasing number of cybercriminals are installing cryptomining software to hijack victims’ computers and use their processing power without consent.
According to the latest Kaspersky research, 2022 has experienced a sharp increase in the number of new modifications to malicious mining programmes.
So far this year, 215,843 new miners have appeared and have taken over computers.
Remaining hidden for months, cybercriminals use the processing power of the victim’s computer to mine cryptocurrency, with an income reaching up to $40,500 (2 BTC) per month.
The research indicates that Q3 ’22 saw a sharp increase in crypto miner variants; a 230 per cent increase from Q3 ’21’s 46,097 figure.
The research recognises crypto mining as a profitable venture; especially if used maliciously. Cybercriminals don’t pay for equipment or for electricity, both being rather costly in 2022.
They install mining software on the victim’s computer to use its processing power without the user’s consent; without requiring specialist technical expertise.
All the attacker needs to know is how to create a miner using open-source code, or where to buy one. Once successfully installed, cryptomining malware provides its operator with a steady stream of earnings.
The most popular cryptocurrency for malicious mining
Forty-eight per cent of the analysed samples of malicious mining software secretly mine Monero (XMR) currency via the victim’s computer.
This currency supports advanced technologies that anonymise transaction data to achieve maximum privacy. Those monitoring it cannot decipher addresses trading Monero, transaction amounts, balances or transaction histories; all extremely appealing factors to cybercriminals.
Regarding the world’s most widely used cryptocurrency, Bitcoin wallets used in illicit mining accumulated around $1,500 in Bitcoin every month. The research recorded an incoming transaction of 2 BTC, which is more than $40,500, per one analysed wallet.
Most frequently, attackers distribute miners through malicious files masquerading as pirated content. Films, music, games and software were all found to be popular outlets to achieve this.
At the same time, unpatched vulnerabilities pose a challenge to users while being an appealing lure for cybercriminals who exploit them to spread miners.
Kaspersky telemetry shows that nearly every sixth vulnerability exploiting attack was accompanied by a miner infection. In Q3, miners became even more widespread than backdoors, which were the prime choice of cybercriminals throughout the first half of 2022.
“Although these are not the best days for the cryptocurrency industry, the topic of cryptocurrency has been in the spotlight throughout the year,” comments Kaspersky’s Andrey Ivanov.
Ivanov is unsurprised that malicious actors would want to profit from these trends.
“The silver lining is that while the number of threats is rising, there are no dramatic changes in the number of users that encounter miners,” he continues.
“That is why it is extremely important to raise awareness about the first signs that malware is being downloaded onto your computer.
“It is also necessary to install a reliable security solution that will prevent attacks at an early stage.”