Cryptocurrency mining malware has been around for a while and, according to a recent report from Kaspersky Labs, published on the SecureList website, in 2017 over 1.65 million computers have already been infected with cryptocurrency miners. Back in 2013, the number of global infections was of merely 205.000.
According to published data, the number of infected computers has been growing significantly every year, with an all-time high of 1.8 million infected machines last year. This year, the number is seemingly going to cross the 2 million mark, and earn hackers a much greater reward given the cryptocurrency market surge that has taken the global market cap above the $100B mark.
Hackers manage to mine cryptocurrencies via vast networks of computers, known as botnets, that are under their control without the owners’ knowledge. Earlier this year, Kaspersky Labs revealed that they detected several large botnets being used for cryptocurrency mining operations, and according to “the most conservative estimates”, some of these net their admins about $30,000 a month.
An example, given by the International Business Times, refers to a 4,000 strong botnet whose wallet earned a total of 2,289 XMR (Monero), equivalent to roughly $250,000. Various computers had Minergate, a legal console miner, installed without the owners’ knowledge. Most hackers manage to access computers either through social engineering techniques or with the use of sophisticated hacking tools such as EternalBlue, a leaked NSA exploit.
Zcash and Monero are the preferred currencies
According to Bleeping Computer, hackers prefer to use their botnets to mine privacy-centric cryptocurrencies, mainly Zcash and Monero, as these allow them to hide their trail and stay away from authorities given their anonymous nature. While Monero features ring signature technology, Zcash makes use of zero-knowledge proofs. Both technologies are known to be secure meaning that transactions cannot be traced.
Monero has been a long-time favorite, and various types of malware that mine the cryptocurrency have been developed and uncovered over the years. Zcash, on the other hand, is a recent addition that, despite being relatively new, nets hackers a lot of money. Per Bleeping Computer’s report, one group managed to make an estimated $75,000 a year, with about 1,000 computers under their control.
Kaspersky Labs adds that not only home computers have been infected, but company servers as well. The number of infected machines has surged, presumably, because the cryptocurrency ecosystem has as well.
The report reads:
“The development of the cryptocurrency market has led to an explosive growth in cases where miners are installed without users’ knowledge or consent. This can be explained by the fact that when a new cryptocurrency is emerging, it is much easier to mine and make money from it.”