Microsoft Labels Malicious Crypto Mining an ‘Increasing Threat’ as Ransomware Attacks Drop

Microsoft has released a blog post discussing the emerging threat of malicious cryptocurrency miners.

The post from the Windows Defender Research blog noted that the number of enterprise computers encountering unauthorized coin miners doubled from December to January 2018. Microsoft suggests that the reason for this rise is that cyber criminals are moving to this form of attack due to the exponential increase in cryptocurrency valuations. Along the way, attackers are ditching ransomware and other attacks, which have seen a marked fall.

According to Microsoft, malicious coin mining can come in various forms and can be distributed in many different ways. The largest increase has been in so-called cryptojacking, browser-based coin miners that use background resources to mine when a user visits their URL. However, attackers can also infect computers with unwanted applications, with some able to modify startup settings so that they run every time the infected device is booted.

The post notes that the main issue associated with this form of malicious attack is the loss of computer resources, as coin mining can be a highly intensive process. Corporate networks can see a huge drain on their available resources, although Windows 10 Enterprise customers reportedly benefit from Advanced Threat Prevention, a wider set of security features to tackle malicious attacks.

Whilst Microsoft has noted successes, for example blocking a major attack earlier this month, the blog post outlines the complexity of determining whether a miner is malicious, as many users run the same or similar programs for personal mining purposes.

Microsoft isn’t alone in observing an increasing number of malicious mining attacks. An investigation by The Citizen Lab last week discovered nationwide attacks in both Egypt and Turkey, with the attackers injecting malicious mining code over non-secured browsing connections. Alongside this development, a report from October last year observed that over 1.5 million devices had been affected at the time. Researchers were in agreement with Microsoft regarding the cause, citing rising cryptocurrency prices as a driving factor. Popular minable currency Monero, for example, increased from $20 to an all-time high of $470 over the course of 2017.

In order to stay protected, Microsoft advises security operations personnel to use advanced behavioral and machine learning detection libraries in Windows Defender ATP to identify and eliminate potential threats. Regular users are advised that using Edge for browsing will provide ‘Microsoft-verified security’, and warned to be cautious of third-party applications.

15.03.2018 / 00:59