With the ransomware market becoming saturated and overpriced, hackers are setting their sights on so-called cryptojacking, which is giving them a new revenue stream.
That’s according to the new Symantec Internet Security Threat Report which was released Thursday (March 22). The report provides a deep dive into the threat landscape by analyzing data from its Global Intelligence Network, which tracks more than 700,000 global adversaries, records events from 126.5 million attack sensors around the globe and monitors threat activities in more than 157 countries and terrorists. With cryptojacking, the cybercriminals are taking stolen processing power and cloud CPU usage from unwitting consumers and enterprises to mine for cryptocurrency. The task only requires a few lines of code for the hackers — but it can slow devices, overheat batteries and make certain devices unusable, Symantec said. For corporations who are victims, it could put the network at risk of a shutdown or increase CPU usage, which will thus result in more expenses for the enterprise.
“Cryptojacking is a rising threat to cyber and personal security,” said Mike Fey, president and COO at Symantec, in a press release highlighting the results of the latest data. “The massive profit incentive puts people, devices and organizations at risk of unauthorized coinminers siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”
Symantec also found that Internet of Things, or IoT, devices are still an attractive target for the bad guys, with a 600 percent jump in the number of IoT attacks last year. That means that hackers could use the connected nature of the devices to mine for cryptocurrencies. Symantec noted there has been an 80 percent increase in cryptojacking against the Mac operating system last year as well. What’s more — among the attackers, the majority used spear phishing to infect victims, a trick that has been around for a long time. Malware is also growing in popularity, with Symantec identifying a 200 percent increase in hackers injecting malware into the software supply chain last year — which is equal to one attack every month. That's up from four attacks in all of 2016. “Hijacking software updates provides attackers with an entry point for compromising well-guarded networks. The Petya outbreak was the most notable example of a supply chain attack. After using Ukrainian accounting software as the point of entry, Petya used a variety of methods to spread laterally across corporate networks to deploy their malicious payload,” Symantec said in the release.