Most cybercriminals are financially motivated, performing various malicious cyber activities to generate revenue. Several threat actor groups leverage cryptocurrencies, demanding ransom payments in Bitcoin or Monero. According to an analysis from Cisco Talos, adversaries are deploying malicious cryptomining techniques to infect targeted systems and mine crypto coins.
Higher the value, grave the crime
The price of cryptocurrencies is highly volatile. The rise in crypto values certainly influences the frequency of illicit cryptomining in the wild. As the price skyrockets, crypto hackers perform various crypto hacking campaigns using malware payloads like RATs and banking Trojans. Attackers often target cryptocurrency exchanges and digital wallets to steal virtual currency.
Among all cryptocurrencies, Monero is the most preferred virtual coin for attackers in their illicit mining activities. The standard design of Monero enabled attackers to mine them on unsuspecting systems across the globe.
“It appears that the mining activity does have some dependence on the value of the currency. The most cryptomining activity we’ve ever seen has occurred in the last couple of months when Monero hit its all-time high. Outside of the short price drop that occurred in early 2021, before the massive spike, the graph tracks almost identically the value of the currency. This was honestly a surprising correlation since it’s believed that malicious actors need a significant amount of time to set up their mining operations, so it’s unlikely they could flip a switch overnight and start mining as soon as values rise. This may still be true for some portion of the threat actors deploying miners, but based on the actual data, many others are chasing the money,” Cisco Talos said.
Crypto Threats Surge by 500%
According to Akamai’s report, cybercriminals are using several malware variants to infect both personal and corporate servers for malicious cryptomining activities. The report stated that the access to fake crypto exchange phishing URLs increased over 500% between March 2020 and May 2021. Threat actors are also leveraging malicious crypto apps to trick users and steal crypto coins.
“We believe the increase in malicious traffic is driven by the increase in cybercriminals’ motivation to execute cryptomining activities. As cryptocurrency prices grow, and the potential benefit from malicious mining activities increases, cybercriminals gain momentum as well,” the report added.