Cryptojacking is taking over Ransomware as the new online threat: Report
The growing craze for cryptocurrencies is also turning out to be a security nightmare. Here’s how cybercriminals are using cryptojacking to breach your data.
With more than three million hits globally in the first five months of this year, cryptojacking, a form of cyber-attack in which hackers hijack the infected system’s processing power to mine cryptocurrency, is fast emerging as an alternative to ransomware, according to IT security firm Quick Heal.
The number of mobile cryptojacking malware variants has also grown from eight in 2017 to 25 by May 2018, marking a three-fold increase, Quick Heal said in a statement on Monday.
“Cryptojacking is emerging as a more cost-effective and efficient alternative to ransomware. With a ransomware attack, there is no guarantee that hackers will be paid a ransom,” said Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies.
“Cryptojacking, on the other hand, is empowering hackers to make use of infected endpoints for swifter and more assured financial gains,” Katkar said.
As more cybercriminals leverage cryptojacking as a lucrative channel of generating illicit revenues, Quick Heal Security Labs researchers expect these numbers to grow even further. As opposed to ransomware, cryptojacking attacks remain almost undetected, enabling attackers to use the compromised systems to mine cryptocurrencies for as long as they want.
They are also easier to deploy than ransomware attacks. All a hacker needs to do is to drop a cryptomining code on your system without your knowledge through an infected link or file. Another commonly used method is to infect websites and pop-up ads with a JavaScript-based cryptomining script, which is triggered when you click on infected ads or visit compromised websites.
In such instances, attackers do not even need to install a code; just opening the infected link is enough to turn your system into a cryptomining machine and generate instant returns on investment for the hacker, Quick Heal said.
System owners to deploy a robust security solution as a means of combating cryptojacking attacks, it added.