Malwarebytes Reports 4000% Increase in Android Crypto-Miners in Q1 2018
Malwarebytes recently released a report highlighting a staggering 4000% increase in Android crypto-miners in the first three months of 2018. This surge contributed to a total of 16 million consumer detections by March, with businesses also experiencing a rise in infections, although at a more modest rate.
Crypto-Jacking on the Rise
The report, titled Cybercrime Tactics and Techniques for Q1 2018, indicated a shift in cyber-criminals’ preferences towards crypto-jacking over ransomware. Consumer-focused ransomware infections decreased by 35% from the previous quarter, dropping to the sixth spot in terms of top threats.
Impact on Businesses
Businesses have not been immune to the crypto-mining trend, experiencing a 27% increase in detections compared to Q4 2017. Although the number of detections in the business sector was lower than that in the consumer space, the impact of crypto-mining on organizations can be significant. It can lead to resource drain, slow down business processes, affect productivity, increase energy costs, and jeopardize compliance efforts. Moreover, infections could potentially result in information theft, ransomware attacks, and system hijacking.
Rising Concerns
Trend Micro reported that from January 1 to June 24, 2017, over 4,800 bitcoin miners triggered more than 460,000 bitcoin-mining activities, with a significant portion of these miners also initiating web and network-based attacks. Despite the surge in crypto-mining activity, adware remained the top threat for consumers, while spyware took the lead in the business realm, although both threats seem to be on the decline.
Exploiting Spectre and Meltdown
Malwarebytes also highlighted the exploitation of media coverage surrounding failed Spectre and Meltdown patches by online scammers. Phishing emails impersonating trusted sources with links to purported ‘legitimate’ patches have been circulating, leading unsuspecting victims to malware-infected sites. Additionally, there has been an increase in Coinbase-themed tech support scams targeting customers’ wallet credentials through fake Twitter accounts and blackhat SEO tactics.
Twitter’s Crackdown on Crypto-Currency Ads
In an effort to combat fraud in the crypto space, Twitter announced the ban of crypto-currency ads at the end of March. While this may help reduce fraudulent activities, the issue of fake accounts continues to plague the platform, posing challenges in maintaining a secure online environment.
Overall, the findings from Malwarebytes and other security vendors underscore the evolving landscape of cyber threats, highlighting the need for heightened vigilance and robust security measures to safeguard against malicious activities.