McAfee have released their Quarterly Threat Report, showing an 86% increase in known samples of cryptojacking in Q2 2018 alone.
Although less common than ransomware, cryptomining malware has quickly emerged as a factor on the threat landscape. After growing around 400,000 in the fourth quarter of 2017, new cryptomining samples grew 629% to more than 2.9 million samples in Q1 2018, according to McAfee.
The report found that this trend has continued in Q2, as total samples grew up 86% with more than 2.5 million new samples.
In some cases, cryptomining targets specific groups rather than a broad field of potential victims. One cryptomining malware strain has targeted gamers on a Russian forum by posing as a “mod” claiming to enhance popular games. Gamers were tricked into downloading the malicious software, which proceeded to use their computer resources for profit.
While cryptomining malware primarily targets PCs, other devices have become victims. For instance, Android phones in China and Korea have been exploited by the ADB.Miner malware into producing Monero cryptocurrency for its perpetrators.
“A few years ago, we wouldn’t think of internet routers, video-recording devices, and other Internet of Things devices as platforms for cryptomining because their CPU speeds were too insufficient to support such productivity,” said Christiaan Beek, Lead Scientist and Senior Principal Engineer with McAfee Advanced Threat Research.
“Today, the tremendous volume of such devices online and their propensity for weak passwords present a very attractive platform for this activity. If I were a cybercriminal who owns a botnet of 100,000 such IoT devices, it would cost me next to nothing financially to produce enough cryptocurrency to create a new, profitable revenue stream.”