Cryptojacking is the unauthorized use of someone else’s device to mine cryptocurrency. It typically happens when a victim unknowingly installs cryptocurrency miner malware through a phishing link, malicious website, or software download, enabling the criminals to access the victim’s device.
According to the data presented by the Atlas VPN team, cryptocurrency miners were the most common malware family, with 74,490 such threats detected in the first half of 2021.
Crypto-mining malware is not easily discoverable on victims’ devices, making it a continuously profit-generating cyberattack. The anonymity of cryptocurrencies is very convenient for threat actors, as they can benefit from their victims without being caught.
In addition to cryptocurrency miners, WannaCry ransomware threats were seen 61,068 times in the first half of 2021. WannaCry is a ransomware cryptoworm, which targets devices running the Windows operating system and spreads across networks.
What is more, malware detection infrastructure identified 39,612 webshell threats in H1 2021. A webshell attack happens when a malicious user successfully exploits web servers and enables remote access to the affected machines.
Security infrastructure also detected 39,095 Downad adware threats and 35,276 Nemucod trojan threats.
Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on cryptocurrency mining malware:“Cryptocurrency mining malware has allowed cybercriminals to earn profit with more efficiency and less effort. Unfortunately, attack victims are often left with higher electricity bills and slower device performance, the latter of which can make them more susceptible to information theft, hijacking, and other subsequent cyberattacks. ”
Most active crypto miners
Cybercriminals seek to infect as many computers as possible to increase their profits. Different types of crypto miners help hackers turn computers into robots with one task only — generating more cryptocurrency.
The most active cryptocurrency miner in the first half of 2021 was MalXMR, with 44,587 detections.
Coinminer came up second with a total of 8,533 detections in H1 2021. Coinminer can usually be found on Android phones in fake versions of popular apps from third-party sources. Some crypto miners were even found on Google Play Store apps.
Other active crypto miners in the top five include ToolXMR (6,419), CoinMine (4,082), and MalBTC (2,328).