Botnets Are Being Repurposed for Crypto Mining Malware: Kaspersky
In the note, analysts for the cybersecurity firm said Wednesday that the number of unique users attacked by crypto miners grew dramatically in the first three months of 2018. Such malware is designed to secretly reallocate an infected machine’s processing power to mine cryptocurrencies, with any proceeds going to the attacker.
According to Kaspersky, more users were infected in September than in January and “the threat is still current,” though it is unclear whether the recent collapse in the crypto markets’ prices will have an impact on the infection rate.
The firm’s analysts said that a noticeable drop in distributed denial of service (DDoS) attacks may be attributable to “the ‘reprofiling’ of botnets from DDoS attacks to cryptocurrency mining.”
As the note detailed:
A possible explanation for cybercriminals’ increased interest in crypto-mining may lie in the fact that once the malware is distributed, it’s difficult for victims and police to detect.
Of the various types of software identified and cataloged, most reconfigure a computer’s processor usage to allocate a small amount to mining, keeping users from noticing.
The organization further looked into reasons for the prevalence of this type of malware in some regions over others, concluding that regions with a lax legislative framework on pirated and illicitly distributed software are more likely to have victims of cryptojacking.
U.S. users were the least affected by the attacks, constituting 1.33 percent of the total number detected, followed by users in Switzerland and Britain. However, countries with lax piracy laws like Kazkhstan, Vietnam and Indonesia topped the list.
“The more freely unlicensed software is distributed, the more miners there are. This is confirmed by our statistics, which indicates that miners most often land on victim computers together with pirated software,” the report said.