Ransomware Attacks Slow down as Cryptocurrency Mining Proves More Lucrative

Throughout the previous two years, ransomware has been preferred by cybercriminals as it offered an easy method to make money. Campaigns might easily be carried out through spam electronic mail, and for many people, it wasn’t even necessary to create the malware from scratch. Ransomware-as-a-service permitted campaigns to be carried out for a 60% cut of the profits earned with no programming experience needed.

Although some threat actors are still using ransomware in spray and pray promotions or more targeted attacks, there has been a clear change toward the use of cryptocurrency mining malware. Cryptocurrency mining malware is used in lieu of ransomware because it is more lucrative. The quantity of new ransomware families found was 26% lower in the first half of 2018 compared to the second half of 2017.

The reputation of cryptocurrency mining malware – or cryptojacking attacks as they are also called – has been verified by Trend Micro in its Midyear Safety Roundup statement. Cryptocurrency mining activity findings nearly doubled in the first half of 2018 compared to the second half of 2017, increasing by 96%. Cryptocurrency mining findings in the first half of 2018 were 956% higher than in the first half of 2017. 47 new families of cryptocurrency mining malware were identified in the first half of 2018.

The statement records the altering methods used by cybercriminals to introduce the malware or drive traffic to sites that have cryptocurrency mining code set up. Those tricks include malvertising campaigns, Ad additions into websites by the Droidclub botnet, adware downloaders, the use of web miner writings in the AOL ad platform, misuse of vulnerabilities like CVE-2017-10271, and downloads through exploit kits.

A ransomware virus can prove very expensive for companies in terms of network downtime and interruption to companies’ procedures while systems are reconstructed and data are recuperated from backups. The expenses linked with cryptojacking are often lesser by comparison, however, the attacks are still expensive. Networks are decelerated which has an effect on production, energy charges rise, hardware can be worn down, or in some instances, permanent harm can be caused.

Cybercriminals are continuously changing methods and are exploring for the simplest method to make money. As the value of cryptocurrencies has risen, and safeguards against ransomware improved by firms, tricks have altered consequently. Trend Micro notes in the statement that business leaders should keep abreast of changing tricks and make sure they have adequate safeguards in place to protect against new attack techniques.

The cybersecurity company has also issued an alert to important infrastructure firms. The number of SCADA vulnerabilities identified by Trend Micro has doubled in the space of a year, with most of those vulnerabilities in human-machine interface (HMI) software. Further, cybercriminals have shifted from reconnaissance to actively abusing those vulnerabilities.