The rise in Cryptojacking Attacks Linked to Unsecured Mobile Apps
One company believes that unsecured mobile apps are to blame for the surge in cryptocurrency mining attacks aka cryptojacking. Other internet security experts also report that unless drastic measures are taken, the attacks will only become more severe.
Coinhive Leads the Way in Cryptojacking Attacks
Amidst the price saga of 2018, the rise of cryptojacking has been another highlight of the burgeoning cryptocurrency industry. There have been numerous cryptocurrency mining hacks reported in the first half of the year. The second quarter of 2018 has seen a dramatic rise in these attacks as cybercriminals have developed even more sophisticated mining exploits.
According to California-based cybersecurity firm, Proofpoint Inc., there has been a 460m percent surge in Coinhive-based cryptojacking attacks. The firm also reveals that a large percentage of these attacks are carried out via mobile phone apps. The apps mine cryptocurrency, usually Monero – a privacy-centric coin, in the background while the phone is in operation.
Earlier in 2018, the company announced that there were 19 smartphone apps infected with Coinhive malware. These apps have since been removed from the Google Play Store. However, Proofpoint reports that Coinhive activity seems to be increasing, even experiencing a massive spike in May.
Commenting on the situation, Sherrod DeGrippo of Proofpoint said:
Cybercriminals are following the money and right now Coinhive is a road to success. Coinhive traffic has also likely increased recently because the damage it inflicts isn’t immediately apparent, but it is profitable. Ransomware, for example, is extremely disruptive and banking Trojans are much more difficult to monetize.
According to Mike Pound, a Professor at the University of Nottingham specializing in computing technology, the spate of cryptojacking is not unexpected.
It doesn’t surprise me that malware creators are moving away from simple in-browser scripts by burying mining code in apps and other banking malware. These kinds of attacks are only going to become more prevalent when this script is bundled into other malware as an add-on. It’s an efficient route to profit for criminals.
Cryptojacking: A Clear and Present Danger to the Cryptocurrency Industry
Both Google and Apple have had to remove malware-infected apps from their respective online stores. With the increase in the prices of cryptos last year, cybercriminals seem evermore desperate to acquire coins by any means necessary. Tech behemoths like Microsoft and Tesla have also had their cloud platforms infected with cryptojacking malware.
Most of the cryptocurrency mining hacks are centered on mining Monero. In March 2018, researchers discovered more than 50,000 websites infected with malicious mining scripts. However, based on Proofpoint’s findings, it seems like the attackers have upped their game significantly.
It is incumbent on internet users to be safety conscious while online. Many browser stores have plugins and add-ons that can protect computers from cryptojacking attacks. People can also endeavor to download apps only from reputable online stores.
Do you agree with Proofpoint’s analysis that shows mobile phone apps are to blame for the ubiquity of cryptojacking attacks? What steps do you think people can take to prevent falling victim to crypto mining hacks? Keep the conversation going in the comment section below.