Coindesk Logo

Botnets Are Being Repurposed for Crypto Mining Malware: Kaspersky

Botnets Are Being Repurposed for Crypto Mining Malware: Kaspersky

Botnets Are Being Repurposed for Crypto Mining Malware: Kaspersky

A security bulletin released by Kaspersky Labs states that botnets are increasingly being used to distribute illicit crypto mining software.

A security bulletin released by Kaspersky Labs states that botnets are increasingly being used to distribute illicit crypto mining software.

A security bulletin released by Kaspersky Labs states that botnets are increasingly being used to distribute illicit crypto mining software.

AccessTimeIconNov 29, 2018, 5:00 AM
Updated Aug 18, 2021, 10:19 PM

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

A security bulletin released by Kaspersky Labs states that botnets are increasingly being used to distribute illicit crypto mining software.

, analysts for the cybersecurity firm said Wednesday that the number of unique users attacked by crypto miners grew dramatically in the first three months of 2018. Such malware is designed to secretly reallocate an infected machine's processing power to mine cryptocurrencies, with any proceeds going to the attacker.

According to Kaspersky, more users were infected in September than in January and "the threat is still current," though it is unclear whether the recent collapse in the crypto markets' prices will have an impact on the infection rate.

The firm's analysts said that a noticeable drop in distributed denial of service (DDoS) attacks may be attributable to "the 'reprofiling' of botnets from DDoS attacks to cryptocurrency mining."

As the note detailed:

"Evidence suggests that the owners of many well-known botnets have switched their attack vector toward mining. For example, the DDoS activity of the Yoyo botnet dropped dramatically, although there is no data about it being dismantled."

A possible explanation for cybercriminals' increased interest in crypto-mining may lie in the fact that once the malware is distributed, it's difficult for victims and police to detect.

Of the various types of software identified and cataloged, most reconfigure a computer's processor usage to allocate a small amount to mining, keeping users from noticing.

The organization further looked into reasons for the prevalence of this type of malware in some regions over others, concluding that regions with a lax legislative framework on pirated and illicitly distributed software are more likely to have victims of cryptojacking.

U.S. users were the least affected by the attacks, constituting 1.33 percent of the total number detected, followed by users in Switzerland and Britain. However, countries with lax piracy laws like Kazkhstan, Vietnam and Indonesia topped the list.

"The more freely unlicensed software is distributed, the more miners there are. This is confirmed by our statistics, which indicates that miners most often land on victim computers together with pirated software," the report said.

Image via Shutterstock

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.