Ransomware is out, Cryptojacking is in

Crypto-currencies became very popular popularity for the last 2 years. The idea of mining virtual money that can be used for purchasing products and services online without the intervention of central banks are the main appeal. During its early days where the hash computations were not yet very complex, people started using their own computers to mine cryptocurrencies. This mining activity became a new way of earning income for tech savvy folks. It evolved to a point people chose to build PCs specifically designed for cryptocurrency mining. What started as a hobby evolved to a global market where people employed parallel high-end graphic cards to do the intensive computational hashes needed with mining digital coins.

Cyber criminals joined the crypto-mining game, not by playing fair but taking advantage of vulnerable computers. Why invest in a powerful specialized ASIC (Application Specific Integrated Circuits) machine that cost thousands of dollars, if they can just steal computing power from others? Fortinet, a cyber-security firm released their 2018 edition of the Global Threat Landscape Report detailing the evolution of security issues in the world.

Fortinet’s findings show that ransomware, the erstwhile most common form of malware infection has been dethroned by a new type of malicious scripting: cryptojacking. Cyber criminals are exploiting a more profitable method through cryptocurrency mining in contrast to just blackmailing users through ransomware viruses. Compared to ransomware, which resorts to intimidation and loss of user files to force the victims to pay the virus authors, cryptojacking malware is non-damaging but it is highly disruptive.

Cryptojacking malware’s goal is to infect a vulnerable unpatched PC covertly. The PC then silently becomes a member of a massive crypto mining botnet. The botnet members with its collective effort mines cryptocurrency in the name of the virus authors. This new way of infection is proven more profitable than just spreading ransomwares. The data in the report shows a ratio of 1:100, in favor of the cryptojacking versus ransomware in terms of profitability.

Given that the infected PCs continue to operate while some of their CPU/GPU cycles are stolen to mine cryptocurrency in the background, cryptojacking prominence grew by 27% for the last 12-months. In contrast, the frequency of ransomware infections fell by 35% within the consumer sector during the same period.

As more players join the cryptocurrency mining phenomenon, the demand to mine for more grows. This crypto mining market grew by 4,000% for the period of January to March 2018. This increasing demand fuel the motivation of virus authors to continue improving their craft in programming for more sophisticated cryptojackers. Due to unpredictable swings of cryptocurrency’s value on a daily basis, we can never predict the future direction of cybercriminals with their evolving cryptojacking virus development.