Coin-Mining Malware Volumes Soar 53% in Q4 2020

Written by

Detections of crypto-mining malware surged by 53% quarter-on-quarter in the final three months of 2020 as the value of Bitcoin soared, according to Avira.

The price of one Bitcoin now stands at over $35,500, close to an all-time-high it hit earlier this month, according to the security vendor’s Avira Protection Labs.

"The rapid increase in coin-miner malware suggests that malware authors are taking advantage of the price trend in recent months and increasingly spreading malware that aims to exploit other people’s computer resources for illegal mining activities,” argued Alexander Vukcevic, director of Avira Protection Labs.

“This correlation is not surprising but is nevertheless worrying for legitimate miners and investors.”

Crypto-mining or crypto-jacking came of age in 2017 and 2018 as cyber-criminals sought a quick and easy way to monetize attacks. It was claimed at the time that because attacks didn’t require user interaction to start generating profits for the perpetrator, many would-be ransomware groups were pivoting to the new threat.

Avira listed three main types of coin-mining malware today: executable files, browser-based cryptocurrency miners and advanced fileless miners.

It was the browser-based Coinhive that drove the previous spike in cryptocurrency-mining activity. By February 2018 it had impacted 23% of global organizations, according to one study. One researcher even found it installed on UK and US government sites including those belonging to the UK’s Information Commissioner’s Office (ICO), United States Courts, the General Medical Council, the UK’s Student Loans Company and NHS Inform.

Coinhive shut down in February 2019, but the practice appears to be spiking again alongside the value of digital currency.

Chris Sedgwick, security operations director, Sy4Security, argued that it is the lesser-known Monero currency rather than Bitcoin that’s in high demand.

“The reason why the majority of cryptocurrency malware mines Monero instead of Bitcoin is that the mining requirements for Monero is a fraction of that required for Bitcoin,” he said.

“Monero is also favored over Bitcoin amongst those individuals looking to use their gains for illegal use as there is no tracking of transactions and the Blockchain is not transparent.”

What’s hot on Infosecurity Magazine?