Cyberattacks are rampant across the globe and no one seems to be immune to the threat. Corporations and individuals alike are taking steps to protect their data and networks, yet the threat still exists. In order to help people take the most appropriate security measures, it’s important to know where the biggest risks exist.
Cryptocurrency Mining & Billing Fraud
According to the McAfee Labs Threats Report, cryptocurrency mining is still trending and continues to rise. There’s been an estimated $1.5 billion in stolen cryptocurrency in the past two years, and total coin miner malware has nearly doubled in Q2 (up 86%), with more than 2.5 million new samples. McAfee Labs has even identified what appears to be older malware, such as ransomware, newly retooled with mining capabilities.
In some cases, cryptomining targets specific groups rather than a broad field of potential victims. One cryptomining malware strain has targeted gamers on a Russian forum by posing as a “mod” claiming to enhance popular games. Gamers were tricked into downloading the malicious software, which proceeded to use their computer resources for profit.
While cryptomining malware primarily targets PCs, other devices have become victims. For instance, Android phones in China and Korea have been exploited by the ADB.Miner malware into producing Monero cryptocurrency for its perpetrators.
“A few years ago, we wouldn’t think of internet routers, video-recording devices, and other Internet of Things devices as platforms for cryptomining because their CPU speeds were too insufficient to support such productivity,” says Christiaan Beek, lead scientist and senior principal engineer with McAfee Advanced Threat Research. “Today, the tremendous volume of such devices online and their propensity for weak passwords present a very attractive platform for this activity. If I were a cybercriminal who owns a botnet of 100,000 such IoT devices, it would cost me next to nothing financially to produce enough cryptocurrency to create a new, profitable revenue stream.”
Billing fraud remains popular, too. The McAfee Mobile Research team found 15 new apps—including a ringtone of the hit song “Despacito”—that contained a fake installer app aimed at subscribing users to premium-rate services without their knowledge. Many of those affected were using apps on official stores like Google Play.
Why the sudden surge in script-based malware? McAfee attributes the popularity of this type of attack to evasion. “Scripts are easy to obfuscate and therefore difficult to detect,” the report says. “Plus, scripting languages are generally easier and faster to code than other languages.”
After a couple of quiet years, LNK malware has become a major cyber threat. New LNK malware continues to grow, as cybercriminals are increasingly using .lnk shortcuts to surreptitiously deliver malicious PowerShell scripts and other malware. Total samples in the category have increased 489% over the past four quarters.
Although the appearance of new ransomware families has slowed overall in recent quarters, McAfee also saw established ransomware families spawn new variants. The total number of ransomware samples continues to grow, increasing 57% over the past four quarters to more than 17 million samples.
The bottom line: Cybercriminals are becoming increasingly savvy about how they attack. As they create and deploy new methods of hacking, the cyber threat landscape continues to change and shows no signs of slowing down.