Cryptominers Overtake Ransomware as Top Malware Threat
In a shift of cyber threats, cryptominers have risen to the top of detected malware incidents, displacing ransomware as the number one threat. Comodo Cybersecurity Threat Research Labs’ latest report reveals that the landscape of malware has significantly changed from 2017. During the first quarter of 2018, Comodo Cybersecurity identified 28.9 million cryptominer incidents out of a total of 300 million malware incidents, representing a 10% share. The number of unique cryptominer variants also saw a significant increase, growing from 93,750 in January to 127,000 in March. This surge in cryptominer activity has come at the expense of ransomware, with new variants decreasing by 42% from January to March.
The rise of cryptominers can be traced back to 2017, following the exponential increase in the price of Bitcoin to $20,000. This trend continued into 2018 as the market capitalization of cryptocurrencies exceeded $264 billion.
Monero has emerged as the preferred target for cryptominers, surpassing Bitcoin. Its features make it an attractive option for cybercriminals, as it provides anonymity for transaction parties and amounts, cannot be tracked or blacklisted, and offers more frequent mining opportunities with blocks created every two minutes. Additionally, Monero is designed for mining on standard computers, making it accessible for a wider range of attackers.
Malware Evolution and Password Stealers
Comodo Cybersecurity’s research also highlights the evolving sophistication of password stealers, which have become more dangerous over time. Cybercriminals are continuously enhancing and updating malware to target users’ credentials. Pony Stealer, for example, now possesses advanced capabilities in data theft and obfuscation.
Despite the decline in ransomware detections, experts anticipate a potential resurgence of this threat. While ransomware incidents dropped from 42% in August 2017 to 9% in February 2018, there is a concern that ransomware could evolve into a tool for data destruction rather than extortion, as demonstrated by attacks like NotPetya.
Regional Malware Trends
Geographical analysis of malware types reveals distinct patterns across different countries. Nations facing significant challenges related to Trojans, viruses, and worms include Brazil, Egypt, India, Indonesia, Iran, Mexico, Nigeria, Philippines, Russia, and South Africa. In contrast, countries with higher socioeconomic status and advanced cyber defenses often experience a higher prevalence of application malware.
As the cyber threat landscape continues to evolve, organizations and individuals must remain vigilant and implement robust security measures to safeguard against malicious activities.