In 2017, almost every day a new report on a new ransomware attack was published. In May 2017, the infamously catastrophic ‘WannaCry’ ransomware attack infected more than 230,000 around the world in less than a day. Only a month later, just over $130,000 worth of Bitcoin was transferred to the attacker as ransom payments.
In short, ransomware is a form of malicious software that encrypts a victim’s personal files and demands that the user pays for the decryption key, usually in a form of cryptocurrency. If the victim does not pay after a set amount of time, typically the ransomware will stop working or self-destruct (or similar), while leaving the files encrypted, rendering the data useless if the user does not have a backup.
The ransomware form of attack is reported to be declining in popularity. A Malwarebytes article showed that in June 2017, 70% of malware attacks were ransomware, and by December, that number had plummeted to just 5%.
While it might sound like security is winning the battle against malware, but attackers have found other means of taking your money, even without you knowing.
We recently published an article on the new form of malware attack known as ‘cryptojacking’. You can read this article here. In short, malicious websites and apps have been found to be running cryptocurrency ‘mining’ software and scripts in the background. These miners have also been found to be disguised as legitimate software such as anti-virus software or even popular software in the case of uTorrent. It is believed that attackers are moving toward cryptojacking over ransomware due to the hidden nature of cryptojacking, and there’s no need to ask victims for the money. The mined crypto is deposited straight into the attack’s crypto wallet.
Cryptocurrencies are trending massively and many are jumping onto the cryptocurrency mining bandwagon. Mining software requires a lot of computational power to make a profit, and a great deal of computational power uses a lot of electricity, so profits are difficult, or even impossible at a small scale. A regular family computer or laptop will cost more in electricity than it will generate in cryptocurrency. Now, criminals are surreptitiously outsourcing their mining to the computers of others, unbeknownst to them. These cryptomining botnets are becoming astonishingly common, with Kaspersky Lab reporting an estimate of 2.7 million cryptojackings taking place in late 2017, generating millions of dollars in crypto.
Be sure to read our article on cryptojacking for tips and tricks on how to prevent cryptojacking attacks on your computers.