Cryptomining replaces ransomware as most prevalent threat

Awareness of ransomware and rise in price of cryptocurrencies has caused the change, says Skybox Security

In the mid-year update to its Vulnerability and Threat Trends report, security vendor Skybox Security notes that the relative positions of ransomware and cryptomining threats have changed.

In the update covering trends from January to June 2018, cryptomining quickly overtook ransomware, reversing the position at the same time last year. The 2017 report found that 32 per cent of cyber attacks were from ransomware whilst cryptomining only accounted for seven per cent. However, the figures have now reversed, with cryptomining at 32 per cent whilst ransomware makes up just at eight per cent of all attacks.

Ron Davidson, Skybox CTO and vice president of R&D, said: "In the last few years, ransomware reigned supreme as the shortcut money-maker for cybercriminals. It doesn't require data exfiltration, just encryption to hold the data hostage and a ransom note of how the victim can pay up. With cryptominers, the criminals can go straight to the source and mine cryptocurrency themselves. There's no question of if they'll be paid or not."

Ransomware has been the favourite method for money-making cyber attacks for the last couple of years. It provided cybercriminals with an easy route to income by encrypting people's data and only unlocking it if the victim paid a ransom. However, people have learned to avoid ransomware and security vendors have got better at intercepting it, so cybercriminals have adopted cryptomining as the best money-making strategy.

With cryptomining or cryptojacking, cryptocriminals secretly steal the victims resources (CPUs and GPUs and bandwidth) in order to mine cryptocurrency. With the significant rise in the value of cryptocurrencies like Bitcoin over the last 12 months, this technique is potentially more lucrative.

Malicious cryptomining has been also found success by targeting the mobile app store of Google Android, with billions of potential targets worldwide. Android was found to have 200 more vulnerabilities than it did in 2017.