Crypto-Mining Attacks Fell Sharply in 2019 but Ransomware Is Trending: Kaspersky

In the cat-and-mouse game between hackers and users, less-lucrative crypto-mining malware fell out of favor this year.

AccessTimeIconDec 18, 2019 at 3:00 a.m. UTC
Updated Aug 18, 2021 at 11:54 p.m. UTC

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

In the cat-and-mouse game between hackers and users, less-lucrative crypto-mining malware fell out of favor this year.

While security experts at Kaspersky found that the number of "unique malicious objects" rose by 13.7 percent – led in part by a 187 percent increase in so-called web-skimmer files, malware designed to steal credit card information – the total number of mining malware infections fell drastically.

  • Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
    13:18
    Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
  • Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
    05:10
    Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
  • The first video of the year 2024
    04:07
    The first video of the year 2024
  • The last regression video of the year 3.67.0
    40:07
    The last regression video of the year 3.67.0
  • Web-miner infections were down 59 percent year-over-year, from 5,638,828 infected machines to 2,259,038. However, malware like Trojan.Script.Miner.gen, Trojan.BAT.Miner.gen and Trojan.JS.Miner.m are still on the list of top 20 threats. These apps force a user's computer to mine cryptocurrency, bogging down the user's computer and essentially stealing electricity.

    "We have observed that the number of 'common' attacks against home users is slightly decreasing, but that the number of 'loud' public cases of crypto-ransomware infections is growing – for example, just two days ago New Orleans was hit by a ransomware," said Denis Parinov, a security analyst for Kaspersky.

    Parinov believes the hackers involved in mining are moving on to more lucrative opportunities. Interestingly, the company found that even phone scammers were requesting prepaid debit card ransoms rather than cryptocurrencies.

    "[Mining attacks] have lost their popularity due to lower profitability and cryptocurrencies’ fight against covert mining," Kaspersky's head of anti-malware research, Vyacheslav Zakorzhevsky, said in a statement.

    Monero's role

    A few things changed on the security landscape to push crypto into a corner.

    "One of the most well-known web-mining services, Coinhive, declared that it is no longer economically viable," he said. "This is due to the Monero hard fork and the severe drop of XMR cost on the market. We suspect this is caused by the market and community reaction to the fact that web mining has been used without user consent in most cases."

    The company found that while crypto-mining attacks fell, there was still interest in crypto-ransomware attacks.

    "Crypto-miners and crypto-ransomware operators are still in the game, but their focus appears to have moved to targeted attacks," said Parinov.

    Parinov warns that mining attacks still exist and that users should remain vigilant. He reminded users to watch for unusual network activity or PC slowdowns.

    "The main symptom is the slowing down of overall computer or process performance – some freezes or errors can appear on the PC," he said. "Additionally, crypto mining requires specific network interactions, but these may be hard to spot for the regular PC user."

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.