Endpoint security solution provider Comodo recently released their Comodo Cybersecurity Q1 2018 Report, which explores the proliferation of cryptocurrency mining malware and ransomware throughout the world. The findings confirmed many of the suspicions endpoint security experts harbor about hackers’ changing priorities and tactics.
Here are the key findings from the Comodo report:
Cryptocurrency Mining Is Taking Over
Comodo found that cryptojacking attacks saw an incredible increase in Q1 2018. At the time of writing, the vendor determined that cryptocurrencies represent over $264 billion in market capitalization, a huge market with often insufficient endpoint security. That makes it a natural lure for hackers. Comodo detected 28.9 million cryptojacking attacks out of 300 million malware incidents in Q1 2018, and a 10% increase in attacks in North America.
Monero is currently the most illicitly mined cryptocurrency, with Bitcoin in second place. Bitcoin’s transactions are automatically trackable and public, and Bitcoin wallets can be blocked for suspicious behaviors. Monero does not have such limitations, allowing for greater obscurity for threat actors. Combined with the ability to mine Monero on ordinary endpoints, its surge in illicit popularity is unsurprising.
Cryptojacking malware infiltrates networks either as Trojan horses or hidden in freeware bundles.
Ransomware Decreasing, but Comodo Fears Resurgence
If cryptocurrency mining has seen an increase, ransomware has seen a decrease. In August 2017, Comodo found that 42% of malware attacks were ransomware. In February 2018, it represented only 9%. From January to March 2018, ransomware saw a 42% decrease in new variants, from 124,320 to 71,540. New variants can make it difficult for endpoint security solutions to detect threats.
However, the endpoint security vendor urges against assuming ransomware is on the way out. If endpoint security solutions become too focused on stopping cryptocurrency mining attacks, hackers might switch tactics to ransomware in response. Ransomware's malicious potential is as yet untapped.
Comodo also explored password stealers and geopolitical power structures in relation to cybersecurity.