According to a recent report, amid decreasing number of traditional ransomware attacks, there has been uptick in crypto ransomware attacks. The increasing attacks on prominent crypto platforms has been a major concern to the regulators and the industry in large.
In its report, cybersecurity firm SonicWall, writes that traditional ransomware attacks are in decline as businesses refuse to pay up but cryptocurrencies are still being used to extort unsuspecting victims. This marks the increasing use of crypto assets by malicious actors to fool enforcement agencies as far as possible.
As per the report, a staggering 332.3 million cryptojacking attacks were recorded in the first half of 2023. This marks a 399% increase when compared with the whole of last year. To put this figure into context, that’s more than 2020, 2021, and 2022 combined.
Cryptojacking involves exploiting servers and devices belonging to other people to mine digital assets, with privacy-centric Monero being the most popular. Reportedly, in the cryptojacking cases, those affected may not even realize that they are victims; they may just notice that their machines are running slower than usual.
Spencer Starkey, VP of EMEA department for SonicWall, told media agency via mail that the biggest symptoms of cryptojacking include a slower response on devices, surprisingly higher electricity bills, and excessive fan use brought on by overheated batteries. He said:
As cryptojackers aim to go undetected for as long as possible, it can be perceived as a ‘victimless’ crime, compared to impactful malware such as ransomware or banking trojans.
Sources suggest that while one might think that declining Bitcoin prices would prompt malicious actors to divert their criminal activities elsewhere, the research report suggests market downturns have actually had the opposite effect—with the number of attacks surging as criminals struggle to make the same profits.
Threat actors are relentless, and our data indicates they are more opportunistic than ever, targeting schools, state and local governments, and retail organizations at unprecedented rates.
Bob VanKirk, SonicWall’s president and CEO
The figures suggest that malicious actors are looking for less expensive and less risky ways of making quick money.
Simultaneously, as per SonicWall’s midyear report, the US, Denmark, Germany, France, and the United Arab Emirates were most affected by cryptojacking. Reportedly, the whole of Europe witnessed a 788% rise in the number of incidents.
As highlighted in the research, cybercriminals are shifting their tactics to evade capture. One common method for targeting victims in recent months has been to distribute HonkBox cryptojacking malware in cracked versions of the video editing software Final Cut Pro. As reported by Todayq News, an evasive crypto-jacking malware strain was excessively spreading through Mac operating system.
Additionally, while cryptojacking might seem kinder than corrupting a firm’s files and threatening to release them unless Monero is paid, those behind these attacks still lack scruples. There have significant number of incidents targeting the healthcare industry.
Reportedly, the attacks on healthcare were 69 times higher in the first half of 2023 than over the same period a year earlier. Simultaneously, the education sector saw 320 times more attacks.
Hackers search for the weakest points of entry, with the lightest possible repercussions, limiting their risk and maximizing their potential profits.
Bobby Cornwell, SonicWall’s vice president of product security
Starkey went on to warn that cryptojacking has been adopted by nation-state-backed threats, all the way down to employees who are deploying miners on corporate infrastructure without permission. He said:
Because of its covert detection footprint and return on investment for actors—adoption will likely continue to grow across the threat actor ecosystem.
In a similar case of attack on government entities, the United States Department of Justice (DoJ) filed two indictments against a Russian national associated with a crypto-ransomware scheme targeting the US infrastructure.
The cyber criminals have been increasing the involvement of crypto assets as they intend to leverage the decentralised space and the privacy features to their benefits. Hence, with the increasing adoption of crypto, it is necessary and rather basic to advance the security options around the growing industry.
