No fewer than 2.5 million new instances of crypto-jacking malware were detected in the second quarter of this year, McAfee reports.
The staggering volume of cryptocurrency malware represents 86% growth over the past three months, and a good number of the samples stem from older crypto-jacking mining scripts, according to the latest report from McAfee Labs.
“Cybercriminals continue to follow the money. Although this statement is familiar, our latest Threats Report clearly shows the migration from certain older attacks to new threat vectors as they become more profitable,” the analysis explains. “Just as in Q1, we see the popularity of cryptocurrency mining continue to rise.”
There is no denying the accelerating and ever-present threat posed by crypto-jackers. But even with such cause to worry, the threat to the cryptocurrency sector is still far behind the intensity faced by some other sectors: compared with other highly targeted sectors, it does not rank among the top ten. Even so, complacency may be a risky option.
The current crypto-jacking campaign spreading across the internet is being closely monitored by the crypto community. Hackers seem to have upped their game by using a modified version of Coinhive that secretly mines cryptocurrency on every website visited. More than 280,000 routers have been infected, according to the latest counts.
The popularity of indie games may pave the way for malware spread by crypto-jackers, and prominent game platforms such as Steam are vulnerable. Vigilance is therefore essential.
Lending credence to this trend are reports from the Cyber Threat Alliance, which revealed an alarming 459% increase in crypto-jacking since 2017. In a similar report released by SophosLabs, the research arm of the British security software and hardware company, no fewer than 25 Android apps published on the official Google Play store are said to contain scripts that make cryptojacking possible.
“The apps in question have been downloaded and installed more than 120,000 times,” the report reads.
Apps implicated in the crypto-jacking code saga include LHDS Vendors, a publication of Taste of Life Group; Mobeleader, which is under the stead of Abser Technologies S.L.; Palpost.com’s Palkar; Dizi Fragmanları İzle, which is under Oguzhan Kivrak; Helper for Knight Game, a product of Evgeny Solovyov; and others, all of which comprised “preparation apps for standardized tests given in the [United States].”
High Rates of Coinhive Implementation
It becomes more disturbing when considering the rate at which cryptojacking apps contain a Coinhive implementation. Sophos identified 22 out of 25 apps containing an implementation of the code, amounting to an 88% rate of Coinhive implementation.
Lighton and Mobeleader hosted mining scripts on their own servers, “presumably to thwart firewalls or parental controls/reputation services that might block Coinhive’s domain by default.” Paintbox for Kids was running XMRig, “an open source CPU miner that can mine several cryptocurrencies in addition to XMR.”
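Why self-hosting defeats a domain blocklist, and what a content check still catches, shown as an added example that is not code from the McAfee or Sophos reports. The sample HTML, the blocklist contents and the function names are constructed for illustration, it assumes the miner is embedded in an HTML asset, and CoinHive.Anonymous and CoinHive.User are the constructors of Coinhive's public JavaScript API.

```python
import re
from urllib.parse import urlparse

# Illustrative reputation list: only the vendor's own domain is blocked.
BLOCKED_HOSTS = {"coinhive.com"}

# API calls that remain in the page wherever the library file is served from.
API_MARKERS = re.compile(r"\bCoinHive\.(?:Anonymous|User)\s*\(")
SCRIPT_SRC = re.compile(r"<script[^>]+src=[\"']([^\"']+)[\"']", re.I)


def classify(html):
    """Return 'blocked-host', 'self-hosted' or 'clean' for one HTML asset."""
    hosts = {urlparse(src).hostname or "" for src in SCRIPT_SRC.findall(html)}
    on_blocklist = any(
        h == b or h.endswith("." + b) for h in hosts for b in BLOCKED_HOSTS
    )
    if on_blocklist:
        return "blocked-host"   # a domain filter alone would stop this one
    if API_MARKERS.search(html):
        return "self-hosted"    # miner API present, host not on the list
    return "clean"


def scan_assets(assets):
    """Map each asset name to its classification."""
    return {name: classify(body) for name, body in assets.items()}


# Constructed sample assets (placeholders, not taken from any real app).
SAMPLES = {
    "direct.html": '<script src="https://coinhive.com/lib/coinhive.min.js"></script>'
                   '<script>new CoinHive.Anonymous("SITE_KEY_PLACEHOLDER").start();</script>',
    "mirrored.html": '<script src="https://cdn.example-app.invalid/js/lib.js"></script>'
                     '<script>var m = new CoinHive.Anonymous("SITE_KEY_PLACEHOLDER"); m.start();</script>',
    "benign.html": '<script src="https://cdn.example-app.invalid/js/app.js"></script>',
}

if __name__ == "__main__":
    for name, verdict in scan_assets(SAMPLES).items():
        print(f"{name}: {verdict}")
```

String markers like these are themselves easy to rename, so treat a "clean" result as the absence of one signal and not proof that no miner is present.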
More Crypto-jacking Apps are Discovered
Google Play Store’s ban on “apps that mine cryptocurrency on devices” was put into effect in July. The ban followed a number of other measures believed to be aimed at putting a lid on crypto across Google's platforms. The measures also included the prohibition of cryptocurrency mining extensions from the Chrome Web Store in April and the ban placed on advertising content relating to “cryptocurrencies and related content” on platforms managed by Google in March.
Since the crackdown was launched, there have been signs of a softer stance on cryptocurrency. This is evident in Google’s recent announcement that it will rescind its ban on cryptocurrency ads in the U.S. and Japan.