According to Kaspersky Lab researchers, cybercriminals have started using sophisticated infection methods and techniques borrowed from targeted attacks in order to install mining software on attacked PCs within organizations. The most successful group observed by Kaspersky Lab earned at least $7 million by exploiting their victims in just six months during 2017.

 

Although the cryptocurrency market is experiencing plenty of ups and downs, last year’s phenomena with surges in the value of Bitcoin has significantly changed not only global economics, but the world of cybersecurity as well. With the aim of earning cryptocurrency, criminals have started to use mining software in their attacks, which, like ransomware, has a simple monetization model.

 

But, unlike ransomware, it doesn’t destructively harm users and is able to stay undetected for a long time by silently using the PC’s power. Back in September 2017, Kaspersky Lab recorded a rise of miners that started actively spreading across the world, and predicted its further development. The latest research reveals that this growth has not only continued, but has also increased and extended.

 

Kaspersky Lab researchers recently identified a cybercriminal group with APT-techniques in their arsenal of tools to infect users with miners. They have been using the process-hollowing method that is usually used in malware and has been seen in some targeted attacks of APT actors, but has never been observed in mining attacks before.

 

The attack works in the following way: the victim is lured into downloading and installing an advertisement software with the miner installer hidden inside. This installer drops a legitimate Windows utility, with the main purpose being to download the miner itself from a remote server.

 

After its execution, a legitimate system process starts, and the legitimate code of this process is changed to malicious code. As a result, the miner operates under the guise of a legitimate task, so it will be impossible for a user to recognize if there is a mining infection.

 

It is also challenging for security solutions to detect this threat. In addition, miners mark this new process through the way it restricts any task cancellation. If the user tries to stop the process, the computer system will reboot. As a result, criminals protect their presence in the system for a longer and more productive time.

 

Based on Kaspersky Lab’s observations, the actors behind these attacks have been mining Electroneum coins and earned almost $7 million during the second half of 2017, which is comparable to the sums that ransomware creators used to earn.

 

We see that ransomware is fading into the background, instead giving way to miners. This is confirmed by our statistics, which show a steady growth of miners throughout the year, as well as by the fact that cybercriminals groups are actively developing their methods and have already started to use more sophisticated techniques to spread mining software. We have already seen such an evolution – ransomware hackers were using the same tricks when they were on the rise,” said Anton Ivanov, Lead Malware Analyst at Kaspersky Lab.

 

Overall, 2.7 million users were attacked by malicious miners in 2017, according to Kaspersky Lab data. That is approximately 50% higher than in 2016 (1.87 mln). They have been falling victims as a result of adware, cracked games and pirated software used by cybercriminals to secretly infect their PCs. Another approach used was web mining through a special code located in an infected web page. The most widely used web miner was CoinHive, discovered on many popular websites.

 

In order to stay protected, Kaspersky Lab recommends that users do the following:

  • Don’t click on unknown websites, or suspicious banners and ads;
  • Do not download and open unknown files from untrusted sources;
  • Install a reliable security solution such as Kaspersky Internet Security or Kaspersky Free that detects and protects you from all possible threats, including malicious mining software.

 

For organizations, Kaspersky Lab recommends the following:

 

More information on miners’ activities can be found on Securelist.com

 

Key trends in mining attacks and the latest discoveries of cryptocurrency threats will be presented at the Security Analyst Summit by Kaspersky Lab researchers, March 9 2018 : https://sas.kaspersky.com/


RECOMMENDED ARTICLE FOR TECHWORLD


 
DJI Develops Option for Pilots to Fly Without Internet Data Transfer
Techworld Date Posted: 16 August 2017 3:00 PM | 592 Views
DJI, the world's leader in civilian drones and aerial imaging technology, is developing a new local data mode that stops internet traffic to and from its flight control apps, in order to provide enhanced.... See More
 
DJI Develops Option for Pilots to Fly Without Internet Data Transfer
Techworld Date Posted: 3:00 PM | 592 Views
DJI, the world's leader in civilian drones and aerial imaging technology, is developing a new local data mode that stops internet traffic to and from its flight control apps, in order to provide enhanced...See More

 
Transcend Expands Personal Cloud Possibilities with StoreJet Cloud 110N/210N Series
Techworld Date Posted: 20 July 2018 11:05 AM | 585 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, today announced two new additions to its StoreJet Cloud family: the 1-bay SJC110N and 2-bay SJC210N.. See More
 
Transcend Expands Personal Cloud Possibilities with StoreJet Cloud 110N/210N Series
Techworld Date Posted: 11:05 AM | 585 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, today announced two new additions to its StoreJet Cloud family: the 1-bay SJC110N and 2-bay SJC210N.See More

 
Realme Philippines to launch realme Buds 2 and realme Buds Wireless at Lazada 12.12, with smartphone markdown up to 21%
Techworld Date Posted: 9 December 2019 1:46 PM | 329 Views
Realme Philippines to launch realme Buds 2 and realme Buds Wireless at Lazada 12.12, with smartphone markdown up to 21%. See More
 
Realme Philippines to launch realme Buds 2 and realme Buds Wireless at Lazada 12.12, with smartphone markdown up to 21%
Techworld Date Posted: 1:46 PM | 329 Views
Realme Philippines to launch realme Buds 2 and realme Buds Wireless at Lazada 12.12, with smartphone markdown up to 21%See More

 
One Year On: Filipino Social Enterprises Better Equipped to Improve Quality of Education Following Completion of SAP Social Sabbatical Program
Techworld Date Posted: 14 July 2017 2:22 PM | 624 Views
Following the completion of SAP Social Sabbatical Program in the Philippines last year, two participating social enterprises, Teach for the Philippines and Silid Aralan (SAI), reported that their organizations are better able to fulfill.... See More
 
One Year On: Filipino Social Enterprises Better Equipped to Improve Quality of Education Following Completion of SAP Social Sabbatical Program
Techworld Date Posted: 2:22 PM | 624 Views
Following the completion of SAP Social Sabbatical Program in the Philippines last year, two participating social enterprises, Teach for the Philippines and Silid Aralan (SAI), reported that their organizations are better able to fulfill...See More

 
Realme Philippines to Reveal 3 Big Surprises at Realme 3 Launch
Techworld Date Posted: 14 March 2019 11:15 AM | 191 Views
Realme Philippines is all set to launch its newest offering in the Philippine market, the realme 3, on March 19. Delivering the best value in its price segments, realme Philippines further intensifies the game.... See More
 
Realme Philippines to Reveal 3 Big Surprises at Realme 3 Launch
Techworld Date Posted: 11:15 AM | 191 Views
Realme Philippines is all set to launch its newest offering in the Philippine market, the realme 3, on March 19. Delivering the best value in its price segments, realme Philippines further intensifies the game...See More

PCBG  Writing Staff
Don’t Shoot Me, Shoot the Evil Twin!
Techworld • By: PCBG  Writing Staff | Date Posted: 21 March 2018 2:52 PM | 226 Views
The number of cybercriminals is increasing. Today, we have all sorts of news going on about cyberattacks on businesses and individuals, all having different motives, from political activism, to monetary gain, to downright sociopathic.... See More
PCBG  Writing Staff
Don’t Shoot Me, Shoot the Evil Twin!
Techworld • By: PCBG  Writing Staff | Date Posted: 2:52 PM | 226 Views
The number of cybercriminals is increasing. Today, we have all sorts of news going on about cyberattacks on businesses and individuals, all having different motives, from political activism, to monetary gain, to downright sociopathic...See More

 
Kaspersky Lab Appoints New General Manager for Southeast Asia
Techworld Date Posted: 1 March 2018 2:44 PM | 999 Views
Global cybersecurity company Kaspersky Lab has announced the appointment of Yeo Siang Tiong as its new General Manager for the Southeast Asia (SEA) region covering Indonesia, Malaysia, the Philippines, Singapore, Thailand, and Vietnam. See More
 
Kaspersky Lab Appoints New General Manager for Southeast Asia
Techworld Date Posted: 2:44 PM | 999 Views
Global cybersecurity company Kaspersky Lab has announced the appointment of Yeo Siang Tiong as its new General Manager for the Southeast Asia (SEA) region covering Indonesia, Malaysia, the Philippines, Singapore, Thailand, and VietnamSee More

 
Juniper Networks Strengthens Country Presence, Appoints MSI-ECS as Country Distributor
Techworld Date Posted: 2 May 2018 3:52 PM | 217 Views
MSI-ECS has been appointed as Philippines’ distributor for Juniper Networks, across Juniper’s full range of high-performance networking, security, data center and cloud solutions. MSI-ECS, one of the country’s largest ICT distributors, will support Juniper’s.... See More
 
Juniper Networks Strengthens Country Presence, Appoints MSI-ECS as Country Distributor
Techworld Date Posted: 3:52 PM | 217 Views
MSI-ECS has been appointed as Philippines’ distributor for Juniper Networks, across Juniper’s full range of high-performance networking, security, data center and cloud solutions. MSI-ECS, one of the country’s largest ICT distributors, will support Juniper’s...See More

 
DJI Introduces Customer Loyalty Program for Ronin 3-Axis Stabilized Handheld Gimbal System
Techworld Date Posted: 18 September 2017 10:10 AM | 214 Views
DJI, the world's leader in creative camera technology, today announced a global customer loyalty program, rewarding long-time creative professionals who use its Ronin three-axis camera stabilizer and are ready to take their camera operating.... See More
 
DJI Introduces Customer Loyalty Program for Ronin 3-Axis Stabilized Handheld Gimbal System
Techworld Date Posted: 10:10 AM | 214 Views
DJI, the world's leader in creative camera technology, today announced a global customer loyalty program, rewarding long-time creative professionals who use its Ronin three-axis camera stabilizer and are ready to take their camera operating...See More

 
ADATA and XPG to Showcase Latest Innovations at Computex Taipei 2018
Techworld Date Posted: 25 May 2018 3:27 PM | 533 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND flash products, today announced that it will be showcasing its latest products at Computex 2018 Taipei (Taipei Nangang Exhibition Center, 1F, booth I0608),.... See More
 
ADATA and XPG to Showcase Latest Innovations at Computex Taipei 2018
Techworld Date Posted: 3:27 PM | 533 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND flash products, today announced that it will be showcasing its latest products at Computex 2018 Taipei (Taipei Nangang Exhibition Center, 1F, booth I0608),...See More


Power by

Download Free AZ | Free Wordpress Themes