Cryptojacking is the new ransomware. Is that a good thing?

hashflare cloud mining and bitcoin regulation crypto coin farm
NurPhoto/Getty Images

Making money from mining cryptocurrencies isn’t just something that people do with their own hardware, malware authors have also been creating malicious software to have other people do the hard work them – and we don’t mean cloud mining. While this represents a new fad in the realm of malware authorship though, it may not be around in this guise for long.

“Cryptojacking is outpacing ransomware reports by a factor of 1 to 100, and these numbers will continue to increase …”

In our history of malware feature, we looked at how malware tends to come in waves. While the latest and most dangerous in recent memory has been ransomware, it’s been pushed far from the top spot of common attacks in recent months by the advent of cryptominers, which look to force infected systems to mine cryptocurrency directly. While it may have been riding high recently though, like the value of cryptocurrencies themselves, it’s a malware type that already seems to be on the decline.

Digital Trends spoke with some prominent digital security experts to find out what this means for the near future of malware and what they think cryptomining malware might look like in the months and years to come.

No crowned king lasts forever

“Since cybercriminals are always financially motivated, cryptojacking is yet another method for them to generate revenue,” said Liviu Arsene, senior E-Threat analyst at BitDefender. “Currently, it’s outpacing ransomware reports by a factor of 1 to 100, and these numbers will continue to increase for as long a virtual currencies remain popular and the market demands it.”

These stats were backed up by MalwareByte’s quarterly malware report. It noted that cryptomining had become one of the most common malware in recent months. It suggested that it had increased by as much as 4,000 percent in the consumer sector over the last quarter. It was also growing in the business space, with a 27 percent increase in overall detections during last quarter.

That increase made it the second most common digital infection. MalwareBytes noted over the past three months, falling only just behind adware. In comparison, ransomware, which has been a major threat for the past few years, saw a notable decline in the consumer space, falling by 35 percent.

Part of that could be to do with the more sophisticated targeting of ransomware at businesses and larger enterprises, but it may also be that the top producers of the ransomware software have been halted in their tracks.

“I wish there were miners everywhere, that [it was] all we had to deal with.”

“There was a big arrest last year, that was likely the creators of cerber, the biggest ransomware family at the time,” MalwareBytes head of malware intelligence, Adam Kujawa told us. “If that was the case, it makes sense that that particular malware family would drop off. After that we’ve seen a couple of new families, but nothing that’s being distributed at the same sort of level.”

Since that happened, Kujawa noted that MalwareBytes had seen a general drop off in ransomware distribution and that this was indicative of the marketplace shifting direction.

Profile of a new predator

Although old standouts like adware and spyware are still more prevalent than cryptojacking, the new kid has quickly become one of the most common threats seen. Malware authors will take a freely available cryptocurrency miner that is aimed at consumer usage and modify it so that it runs silently on a system, making it harder to detect and therefore giving it longer to generate income for the author before it’s discovered. The malware is then usually distributed alongside some other form of malware like an exploit kit which allows it to be installed in the first place.

But even if you don’t download a malicious file or click a dodgy link, websites themselves can force your machine into the crypto mines, like the extremely prevalent CoinHive incident from earlier this year.

CoinHive
A Coinhive javascript program injected into a web page’s code

“Browser-based cryptojacking is becoming very popular amongst cybercriminals, especially when end users are concerned,” explained BitDefender’s Arsene. “Deploy it within legitimate and high-traffic websites after they’re breached their security, it has immediate return-on-investment as each visitor will mine cryptocurrency for as long as the script-based miner remains on the server.”

Cryptomining has a few unique features too, compared to other commercial malware solutions. For starters, it’s almost platform agnostic, with infections cropping up on Macs and Android devices, as well as Windows PCs. Kujawa told Digital Trends that as many as 1,000 new Mac-targeted cryptominers had appeared in the past three months alone.

So, what’s the problem?

If cryptomining isn’t particular smart or targeted then, is it something we need to be too concerned about? If a victim’s computer runs slow while they’re on an infected website, rather than having their files encrypted or identity stolen, would it not be better for everyone if malware authors focused on that kind of attack than more traditional ones?

“The fact that the victim is running cryptocurrency mining software is the least of their problems.”

“The spread of cryptominers is no where near the ‘everybody panic’ state [like] when encrypting ransomware first came out,” Kujawa said. “I wish there were miners everywhere, that that’s all we had to deal with, and no ransomware or information thieves.”

BitDefender’s Arsene agreed, to a point, suggesting that on the surface cryptojacking was relatively benign. However, as much as this sort of malware might be less of a threat than other types, that doesn’t mean it doesn’t have potential to damage — or mask more serious threats.

hashflare cloud mining and bitcoin regulation crypto coin farm
A bitcoin mining farm NurPhoto/Getty Images

One such threat facing businesses is a loss of productivity, as MalwareBytes’ CSO and CIO, Justin Dolly, explained. If left unchecked, cryptominers also have the potential to cause damage to hardware. As MalwareBytes found when one of its malware-trap systems was infected with a number of miners.

“After the cryptomining craze [last year] one of our systems had its graphics card fried, because of how many miners were being loaded up in analysis of this system,” Kujawa said. “[They] would rev up the GPU cycles and CPU and just kill it, so we had to replace the graphics cards.”

Perhaps the biggest risk with cryptomining though, is that it can be used in tandem with other types of malware. Imagine a ransomware attack  the user is scrambling to figure out how to decrypt their files, their PC is mining away and earning the attackers even more money.

“This will likely fuel the need to create mining rigs made of large botnets.”

“If a victim has been compromised using an unpatched vulnerability or via a fileless attack, the fact that the victim is running  cryptocurrency mining software is the least of their problems,” said BitDefender’s Arsene. “Technically, the attacker could have deployed any payload – ranging from keylogging malware to data exfiltration malware.”

Even if cryptomining malware doesn’t bring with it a whole host of other problems too, there’s always the chance that it will not be detected for months or even years in the case of some systems.

How long is the wave going to last?

Cryptomining might be more dangerous than it appears, but like all other types of malware, it is likely to have its heyday. Indeed, as cryptocurrency values have fallen since the end of 2017, the instances of cryptojacking have been falling too. While the overall numbers might be higher than last quarter, they are lower than their peak, as Malwarebytes’ latest malware report shows.

cryptojacking is the new ransomware that a good thing liviu arsene bitdefender portrait
Bitdefender Senior Analyst, Liviu Arsene. Bitdefender

“Cryptojacking is definitely here to stay,” BitDefender’s Arsene said. “These numbers will continue to increase for as long as virtual currencies remain popular and the market demands it.”

Another interesting wrinkle he raised was that as the difficulty of mining of various cryptocurrencies increases, it could be much more lucrative to get others to do the hard work for you.

“Since mining for cryptocurrency will become increasingly more expensive to mine using someone’s own private hardware, this will likely fuel the need to create mining rigs comprised of large botnets, hence fueling the cryptojacking threat,” he said.

That’s something that MalwareBytes sees as having a lot of potential too. Especially when you consider some of the enormous IoT driven botnets we’ve seen in recent years. But ultimately that all depends on whether it’s actually worth it to keep investing in that avenue of malware authorship.

If anything, it’s easier for digital security companies when a new trend is breaking. They know what they need to focus on in the immediate future. But now that cryptominers may have peaked, the experts are unsure of what to expect next.

“This is an anomalous time right now, and that’s the scariest part,” Kujawa said. “The scary part is not knowing where the criminals will go when cryptocurrencies no longer interest them.”

Emerging Tech

Awesome Tech You Can’t Buy Yet: inflatable backpacks and robotic submarines

Check out our roundup of the best new crowdfunding projects and product announcements that hit the Web this week. You can't buy this stuff yet, but it sure is fun to gawk!
Emerging Tech

Cutting-edge paper-based battery is powered by electron-harvesting bacteria

Want to know what tomorrow's batteries could look like? Researchers from Binghamton University, State University of New York are busy developing a new type of battery that's made out of paper.
Movies & TV

The best movies on Netflix in August 2018, from ‘Her’ to ‘Jurassic Park’

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, subdued humor, or anything in between.
Home Theater

The best noise-canceling headphones paint your music on a cleaner canvas

Drowning out the sound of babies, jet engines, and the outside world isn't as hard as it seems. Here are the best noise-canceling headphones, whether you're concerned with style, comfort, or sound.
Computing

The Andromeda botnet still lingers as nations struggle to clean infected PCs

A report by Fortinet suggests that although the FBI and Europe ended the Andromeda botnet’s reign in late 2017, there are still infected PCs. Cleaning up these PCs isn’t progressing at the same pace across various regions.
Product Review

Dell's XPS 15 is the PC every laptop wishes it could be

Not everyone needs the power that a laptop like the Dell XPS 15 provides. But if you need a computer that can handle the heavy workload you use every day, the XPS 15 might be the best you can buy.
Product Review

Asus ZenBook 3 Deluxe (late 2017) review

As our Asus ZenBook 3 Deluxe (late 2017) review shows, adding an 8th-gen Intel Core processor to an excellent thin and light chassis makes for a great combination.
Computing

Reluctant to give your email address away? Here's how to make a disposable one

Want to sign up for something without the risk of flooding your inbox with copious amounts of spam and unwanted email? You might want to consider using disposable email addresses with one of these handy services.
Computing

Both the Razer Blade and XPS 15 are capable laptops, but which is better?

We pit the latest Dell XPS 15 against the latest Razer Blade 15 to see which machine meets the needs of most people. Both are a fast, attractive, and well-built, but they still appeal to different users.
Computing

Use one of these password managers to stay safe online

The internet can be a scary place, especially if you don't have a proper passcode manager. This guide will show you the best password managers you can get right now, including both premium and free options. Find the right password software…
Computing

Logitech’s distinctive new ergonomic mouse looks as good as it feels

Logitech's first true ergonomic mouse sports an interesting tilted design that encourages less muscle strain. We spent some time with the MX Vertical to see how comfortable it is and determine whether or not we'd prefer it to a standard…
Mobile

Airport’s low-tech solution to digital chaos involves the humble whiteboard

A U.K. airport has suffered a major computer error, caused by data connection problems, which has stopped flight boards from showing crucial passenger information. The solution is wonderfully low-tech.
Computing

Here’s how to watch Nvidia’s GeForce event at Gamescom

Today is August 20, and that means Nvidia may showcase its GeForce RTX 20 Series of add-in graphics cards for gamers. We’re sticking with that name rather than the previous GTX 11 Series brand due to today’s date.
Computing

HTC breaks down VR barriers by bringing Oculus Rift titles to Viveport

HTC's Viveport store and subscription service will be opened to Oculus Rift users in September this year, letting them buy titles directly and take advantage of the monthly game-delivery service.