Thị trường hàng hóa

  • Vàng 2,007.50 +11.50 +0.58%
  • XAU/USD 1,998.53 +9.13 +0.46%
  • Bạc 25.317 +0.246 +0.98%
  • Đồng 3.8457 -0.0158 -0.41%
  • Platin 1,112.70 +6.70 +0.61%
  • Paladi 1,513.28 +4.88 +0.32%
  • Dầu Thô WTI 74.55 +0.25 +0.34%
  • Dầu Brent 78.06 +0.34 +0.44%
  • Khí Tự nhiên 2.311 +0.006 +0.26%
  • Dầu Nhiên liệu 2.3770 +0.0078 +0.33%
  • Xăng RBOB 2.5190 +0.0065 +0.26%
  • Dầu khí London 693.00 +1.62 +0.23%
  • Nhôm 2,312.00 -15.00 -0.64%
  • Kẽm 2,602.00 -43.00 -1.63%
  • Ni-ken 23,721.00 +75.00 +0.32%
  • Copper 8,492.50 -60.00 -0.70%
  • Lúa mì Hoa Kỳ 634.60 -6.40 -1.00%
  • Thóc 17.030 -0.040 -0.23%
  • Bắp Hoa Kỳ 597.00 -3.00 -0.50%
  • Đậu nành Hoa Kỳ 1,409.50 -4.50 -0.32%
  • Dầu Đậu nành Hoa Kỳ 51.78 -0.72 -1.37%
  • Khô Đậu nành Hoa Kỳ 425.55 -1.85 -0.43%
  • Cotton Hoa Kỳ loại 2 78.62 +0.26 +0.33%
  • Ca Cao Hoa Kỳ 2,947.50 -2.50 -0.08%
  • Cà phê Hoa Kỳ loại C 188.80 -2.80 -1.46%
  • Cà phê London 2,382.00 -143.00 -5.66%
  • Đường Hoa Kỳ loại 11 26.66 +0.15 +0.57%
  • Nước Cam 269.85 -10.00 -3.57%
  • Bê 174.45 +0.15 +0.09%
  • Heo nạc 78.40 +1.52 +1.98%
  • Bê đực non 233.70 +4.38 +1.91%
  • Gỗ 348.00 -15.70 -4.32%
  • Yến mạch 327.90 +0.60 +0.18%
17:09 17/11/2022

Kaspersky reports rapid growth in malicious mining programs

In the third quarter of 2022, Kaspersky researchers saw a sharp increase in crypto miner variants – an overall growth of over 230 percent compared to the same period last year. The number is three times more than in the third quarter of 2021 and now exceeds 150,000

Remaining hidden for months, cybercriminals use the processing power of the victim’s computer to mine cryptocurrency, with an income reaching up to $40.500 (2 BTC) per month. Monero (XMR) is the most popular cryptocurrency for malicious mining.

With the beginning of the “crypto winter of 2022”, when the value of cryptocurrencies dropped significantly, the cryptocurrency industry is facing a liquidity crisis. Despite that, criminal activity targeting cryptocurrency industry does not seem to be slowing down, according to Kaspersky’s new research paper ‘The state of cryptojacking in 2022’.

Cryptocurrency mining

Cryptocurrency mining is a painstaking and costly process, but very a rewarding one at the same time – hence, it attracts cybercriminals’ interest. Making money using crypto miners is profitable for cybercriminals – they don’t pay for equipment, or for electricity, which is rather expensive in 2022. They install mining software on the victim’s computer to use its processing power without the user's consent. It does not require much specialist technical expertise. In fact, all the attacker needs to know is how to create a miner using open-source code, or where to buy one. If the cryptomining malware is installed successfully on the victim’s computer, it provides its operator with steady earnings.

In fact, 2022 saw a sharp increase in the number of new modifications to malicious mining programs. During the first three quarters of 2022, expert analysis identified 215 843 new miners, more than twice as many as last year.

The number of new miner modifications, Q1 – Q3, 2021 and 2022

Q1 2021

23 894

Q2 2021

31 443

Q3 2021

46 097

Q1 2022

21 282

Q2 2022

40 788

Q3 2022

153 773

Notably, this increase is only due to a sharp jump in the 3rd quarter of 2022. Compared to Q3 2021, the growth was over 230 percent. Thus, in Q3 2022, the number of new malicious miners exceeded 150,000.

Most of the analyzed samples of malicious mining software (48 percent) secretly mine Monero (XMR) currency via the victim’s computer. This currency is known for its advanced technologies that anonymize transaction data to achieve maximum privacy. Those monitoring it cannot decipher addresses trading Monero, transaction amounts, balances, or transaction histories – all these factors are extremely appealing to cybercriminals.

Regarding the worlds’ most widely used cryptocurrency, Bitcoin wallets that were used in illicit mining accumulated around 1.5K USD on average in Bitcoin every month. The company’s researchers recorded an incoming transaction of 2 BTC, which is more than $40,500, per one analyzed wallet.

Most frequently, attackers distribute miners through malicious files masquerading as pirated content - films, music, games and software. At the same time, unpatched vulnerabilities pose a serious challenge to users while being an appealing lure for cybercriminals who exploit them to spread miners. Kaspersky telemetry shows that nearly every 6th vulnerability exploiting attack was accompanied by a miner infection. In Q3 miners became even more widespread than backdoors, which were the prime choice of cybercriminals throughout the first half of 2022.

The share of miners among the malware that attackers tried to launch as a result of exploiting vulnerabilities

Q1 2022

%

Q2 2022

%

Q3 2022

%

backdoor

28,86%

backdoor

27,4%

ransom

21,2%

ransom

17,01%

ransom

17,1%

miner

16,5%

miner

12,20%

miner

13,8%

backdoor

15,6%

downloader

3,00%

downloader

1,8%

downloader

2,7%

Although these are not the best days for the cryptocurrency industry, the topic of cryptocurrency has been in the spotlight throughout the year, so it’s not surprising that malicious actors would want to profit from these trends. The silver lining is that while the number of threats is rising, there are no dramatic changes in the number of users that encounter miners. That is why it is extremely important to raise awareness about the first signs that malware is being downloaded onto your computer. It is also necessary to install a reliable security solution that will prevent attacks at an early stage,’ comments Andrey Ivanov, a security expert at Kaspersky.

To stay protected from crypto miners, Kaspersky experts also recommend:

- Check the website’s authenticity. Do not visit websites allowing you to watch a movie until you are sure that they are legitimate and start with ‘https’. Confirm that the website is genuine, by double-checking the format of the URL or the spelling of the company name, reading reviews about it and checking the domain’s registration data before starting downloads

- Security solutions will protect your computer and other devices from unauthorized usage of your PC computing power to generate cryptocurrency and prevent deterioration of PC performance.

- Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.

- Use a dedicated security solution such as s Kaspersky Endpoint Security for Business with application and web control to minimize the chance for cryptominers to be launched; behavior analysis helps quickly detect malicious activity, while vulnerability and patch manager protects from cryptominers that exploit vulnerabilities.

Đọc thêm

Xem thêm