Crypto-mining Malware Replaces Ransomware As Cybersecurity’s Biggest Threat


Researchers at endpoint security solution provider McAfee Labs recently released findings proving that crypto-mining malware has replaced ransomware as the biggest threat in cybersecurity today. In fact, McAfee found that crypto-mining malware samples spiked 629% in Q1 2018.

400,000 crypto-mining malware samples were detected in Q4 2017, whereas 2.9 million known samples were found in Q1 2018. McAfee Labs’ Chief Scientist Raj Samani noted that “as the price of coins goes up, we are compounded by the availability of cryptojacking malware as just as prolific … it’s a huge jump.”

Crypto-mining malware currently utilizes an “infect and collect” infiltration tactic, wherein the malware covertly penetrates enterprises’ networks and uses their processing power and electricity to mine cryptocurrency. The appeal lies in its subtlety. Ransomware and data breaches are far more blatant attacks that are often far less profitable than crypto-mining malware. A crypto-mining malware attack can remain on an enterprise’s network for months with no more indication of the threat than a slower speed and a higher electricity bill.

The number of users encountering cryptojacking malware increased by 44.5% over the past year. Crypto-mining malware can cause serious damage to endpoints and to electrical systems through overheating, resulting in mounting costs.

McAfee’s other findings include:

  • PowerShell exploits fell 77% in Q1 2018.
  • LNK malware rose 59% in the same time period.
  • Users encountering ransomware fell nearly 30% in 2017-2018.
  • McAfee Labs recorded an average of five new malware samples per second, a decrease from eight per second in the previous quarter.

On this last point, Dr. Samani warned against too much optimism: “I guess it’s good news … but I wouldn’t necessarily go out and buy the champagne just yet. We’re still talking about 44 million new [malware] samples, which was a 31% decrease from Q4, which was one of the highest amounts of malware samples we’ve ever had.”

Ben Canner
Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.