The first quarter of 2018 has passed, and security researchers have been able to draw some important conclusions. It appears that during the first three months of this year, ransomware was finally dethroned. The most prevalent cybersecurity threat is now cryptomining, to no one’s surprise, really. The statistics come from Comodo’s Global Malware Report Q1 2018.
Ransomware No Longer Number 1 Threat
Ransomware has long been the most widespread infection attacking users worldwide and compromising their private data. Now, cryptominers have become the most prevalent infection. However, it is not Bitcoin that is in the spotlight of malicious crypto mining but Monero, researchers found.
Researchers from Comodo have been following cryptominers, and concluded that the biggest increase in these infections started in 2017 shortly after Bitcoin’s price skyrocketed to $20,000. The infection tendency continued with the beginning of 2018 when the market cap of cryptocurrencies reached $264 billion. This is the milestone that shifted the attention of cybercriminals from ransomware to cryptomining.
During Q1 2018, Comodo Cybersecurity detected 28.9 million cryptominer incidents out of a total of 300 million malware incidents, amounting to a 10% share. The number of unique cryptominer variants grew from 93,750 in January to 127,000 in March. At the same time, the data shows this criminal attention came at the expense of ransomware activity, with new variants falling from 124,320 in January to 71,540 in March, a 42% decrease.
More specifically, Monero miners have become attackers’ favorite tools. And that’s not surprising at all – cybercriminals have been choosing Monero over Bitcoin for several reasons.
Since the beginning of 2017, Monero has been growing steadily. The coin (XMR) is perhaps the most untraceable cryptocurrency, and it has been developed with privacy in mind. It is open-source and freely available to all. With Monero, you are your own bank. According to Monero’s official website, only you control and are responsible for your funds, and your accounts and transactions are kept private from prying eyes.
Monero was launched in 2014, and it offers enhanced privacy features. It is a fork of the Bytecoin codebase which uses identity-obscuring ring signatures. This is how the cryptocurrency conceals which funds have been sent in both directions – to whom and by whom.
Monero’s privacy-centered features ideally serve cybercriminals’ purposes, as it hides their transactions and cannot be tracked or blacklisted. Monero also creates blocks every two minutes, which gives criminals more opportunities for attacks. Monero is also perfect for mining on average user machines.
As a result, numerous Monero miners have been detected in the wild exploiting the resources of users’ computers worldwide. Here are several examples:
Other Malware Trends from Q1 of 2018
Password, Data Stealers
Besides cryptominers, password stealers have become more sophisticated than before. Comodo researchers observed the trend of credential stealers being added to malware. This means that criminals are very interested in collecting passwords and login details. The team analyzed new variants of the well-known Pony Stealer malware, which has demonstrated new capabilities in stealing data and has become stealthier than before.
Even though ransomware is not the most widespread threat right now, it doesn’t mean that ransomware operators will leave things at that.
Ransomware attacks led the malware market in previous quarters, but showed a radical decrease in the number of overall detections, likely due to the shift to the low-hanging fruit of cryptominers, researchers said in their report. The number of ransomware infections dropped from 42% in August 2017 to just 9% in February 2018. Nevertheless, Comodo says that both users and security experts should prepare for new ransomware attacks, where the focus may be data destruction like in the NotPetya case.
Geopolitical malware detections correlate with current events around the world, the report found. In the first quarter of 2018, there were potential geopolitical correlations related to national elections in China and Russia. Comodo says that there were correlations in Egypt, India, Iran, Israel, Turkey and Ukraine relative to military operations, along with other trends across Europe, Asia and Africa.