McAfee’s September 2018 Threats Report has revealed a surge in cryptomining malware.
Although less common than ransomware, cryptomining malware has quickly emerged as a factor on the threat landscape, says McAfee.
After growing around 400,000 in the fourth quarter of 2017, new cryptomining malware samples grew by 629% to more than 2.9 million samples in Q1 2018.
This trend continued in Q2 as total samples grew by 86% with more than 2.5 million new samples. McAfee Labs has even identified what appear to be older malware such as ransomware newly retooled with mining capabilities.
“Cybercrime is a business, and market forces, such as the rise in cryptocurrency values, will continue to shape where adversaries focus their efforts,” said Raj Samani, McAfee Fellow, Chief Scientist at McAfee.
“Exploiting cryptomining malware is simpler, more straightforward, and less risky than traditional cybercrime activities – causing these schemes to skyrocket in popularity over the last few months. In fact, cryptomining malware has quickly emerged as a major player on the threat landscape.”
McAfee also saw the continued adaptation of the type of malware vulnerability exploits used in the WannaCry and NotPetya outbreaks of 2017.
“Cybercriminals are rapidly branching out to new attack techniques and tools, from fileless malware to cryptocurrency mining, to capture new revenue streams. Customers faced with this ever-changing attack landscape are carefully considering their risk position – creating a key opportunity for channel partners,” said Ed Baker, EMEA partner lead at McAfee.
“Partners must be on-hand to advise customers when building their security strategies and provide guidance when making security investments going forwards. To stay ahead of cyber criminals, all parties in the cybersecurity industry need to focus on collaboration. This means making sure that tools can operate together, removing siloed security teams and making it easier for companies to protect data, detect potential threats, and work to effectively correct them.
Baker continued: “Together the cybersecurity industry must consider the operational procedures, capabilities and resources in place and apply the right technology solutions, working practices, policies and services to be as effective as possible against diversified cybercriminals.
“This means building a proactive, platform-based and partner-powered integrated cybersecurity system that will allow customers to move from reactive incident response to proactively hunting threats. In this way, organisations can ensure that if a breach does occur, it can be resolved quickly with minimum disruption to the business.”