Since the Wannacry attack, everyone knows what ransomware is, and companies are trying to protect themselves. Less well known are cryptominers, although infections with such malware are ten times more common.
Cryptominers infected ten times more companies than ransomware in 2018. Check Point concludes this in its Security Report for 2019. Worldwide, the security expert sees that 37 percent of all organizations have come into contact with a cryptominer. The study shows that only 16 percent consider cryptominers to be the biggest threat. Phishing is considered to be the greatest threat (66 percent) followed by ransomware (54 percent) and data leaks (53 percent).
Earlier research by Kaspersky nuanced the figures somewhat. In his Thread report for Q3 last year, Kaspersky looked at the individual endpoints or servers that were effectively affected by cryptominers. In Belgium, 0.97% of the systems are concerned. These figures show that when companies are affected, the malware usually does not spread across the entire IT environment.
Subtle threat
Cryptominers are a less immediate threat to an organization than, say, ransomware or a hack in which data is stolen, because they have no direct impact on the functioning of a company. That makes them more dangerous in their own way. The purpose of a cryptominer is to run silently in the background of a PC or server, where digital coins are mined at the expense of the attacker.
The mineral has every interest in remaining hidden. The software does use computer power and electricity at the victim’s expense. Mining is a very intensive activity, which can hinder the functionality of the IT environment, and especially the electricity bill can increase considerably.
Attack vector
In addition, an infection with a cryptominer implies that hackers have their feet on the ground. They can use the malware to send other infections to the affected system, and still encrypt or steal files whenever they want.
Despite the sharp drop in the price of cryptomints, cryptominers are still gaining in popularity, precisely because of the simplicity with which they yield money. In addition, the malware-as-a-service model is maturing. Criminals do not always have to be able to write malware themselves: just take out a subscription and share the profits.
Related: 1 in 3 companies victim of cryptomining
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.