Cryptojacking malware activity increased by more than 4,000% in 2018, according to a new quarterly report published by computer security company McAfee Labs on December 18.
Cryptojacking is the practice of using the processing power of a computer to mine cryptocurrencies without the consent or knowledge of the owner. The McAfee statistic of more than 4,000 percent refers specifically to total instances of cryptomining malware, referred to in the study as "coin miner".
The report covers a series of new threat vectors for crypto malware, including in particular an increase in new malware targeting Internet of Things (IoT) devices:
"New [mining] malware targeting IoT devices has grown 72%, with total malware growing 203% in the last four quarters. New token malware has grown by almost 55%, with total malware growing 4,367% in the last four quarters."
As the report notes, the increase in IoT targeting threats is somewhat surprising, given the low CPU processing power of the devices. Yet, the report continues, "cybercriminals have taken note of the increasing volume and poor security of many IoT devices and have begun to focus on them, leveraging thousands of devices to create a mining super-computer."
Remco Verhoef, a McAfee security researcher, has also outlined the operation of a macOS crypto malware threat, later dubbed OSX.Dummy, distributed through mining chat groups. The threat actor suggested that users of Slack, Telegram and Discord channels download the software "to solve cryptographic problems". This software, which is actually fake, then "runs with a single line in Bash":
"Users have essentially infected their devices instead of falling victim to an unknown exploit or exploit kit. Once run, OSX.Dummy opens a reverse shell on a malicious server, allowing an attacker to access the compromised system."
A previous report by McAfee Labs had already indicated that cryptojacking increased by an astonishing 629 percent in the first quarter of 2018 alone. This month, research conducted by the cybersecurity research company Kaspersky Lab revealed that cryptojacking has surpassed ransomware as the main cybersecurity threat in some parts of the world.