- Cryptojacking attacks surged in 2023 while ransomware are at their lowest levels since 2020, according to new research.
- Bitcoin’s falling price and small businesses downloading illegal content may’ve exacerbated the problem.
- These attacks could hide something worse, SonicWall researchers say.
Cryptojacking attacks skyrocketed when Bitcoin prices fell, and could be the overture to something worse, according to SonicWall researchers.
These attacks turn victims’ computers into unknowing crypto mining rigs.
Bitcoin reached a $68,000 high in November 2021 before crashing down to as low as just above $16,000 in 2022. It currently hovers around $30,000.
That slump may have contributed to more attacks in 2022 and a nine-fold jump in these attacks in Europe in 2023.
That’s because the plummeting price of the world’s biggest cryptocurrency made it harder for miners to make a profit whilst keeping up with operational costs.
Legitimate miners sold “their rigs on eBay and [got] out of the business because it’s too expensive to maintain” whereas digital thugs simply launched more cryptojacking attacks, SonicWall vice president of product security Bobby Cornwell told DL News.
Once the crypto has been mined, the product itself is indistinguishable from legally mined Bitcoin, which is why “it’s almost impossible” to say how much crypto is created through cryptojacking attacks, Cornwell said.
NOW READ: How hackers turn stolen crypto into cash
However, cryptojacking attacks are unlikely to go away because they enable criminals to secure new revenue streams as they pivot away from ransomware heists, stay underneath law enforcement’s radar, and set up a new wave of other attacks, Cornwell said.
What’s behind the rise in cryptojacking attacks?
So far this year, there has been an almost 790% rise in Europe in attacks where cybercriminals install malware that turn victims’ computers into unknowing crypto mining tools.
North America saw an almost 350% surge in the same period, the firm said.
In total, SonicWall detected a nearly five-fold surge in cryptojacking attacks globally, representing more than 300 million attacks — reaching a record that exceeded the full year totals for the previous three years.
The jump in cryptojacking attacks at the start of 2023 is part of an ongoing trend that has seen the number of attacks grow every year since 2020.
A combination of law enforcement cracking down on ransomware gangs, plummeting Bitcoin prices, and small and medium-sized businesses downloading illegal software have helped fuel this trend, Cornwell said.
Because most cryptojacking attacks are comparatively harmless — in the sense that they may slow down devices but don’t cripple them like other attacks do — they are not as high of a priority for cybersecurity firms, he said.
This attitude may enable criminals to sneak through strings of code underneath the cryptojacking malware, a virus that can spread across compromised networks and contaminate partner organisations.
“It’s a great way for a threat actor to mask their software and start combing [through] and look for very specific [files] where nobody’s really paying attention,” Cornwell said.
Tightening markets can also contribute to a trend of small firms trying to cut corners and save $800 on new software by downloading illegal copies online, people may inadvertently install malware, he argued.
“There’s a tremendous amount of downloading of illegal software, Cornwell said, warning people may inadvertently install malware — such as cryptojacking viruses — when they do..
Law enforcement agencies have been hard at work this year.
The FBI announced in January that it had taken down the Hive ransomware operation, and seized nine crypto exchanges in May that were used to launder ransomware payments.
Those crackdowns have motivated cybercriminals to pivot to lower-cost, and less risky attack methods, including cryptojacking.
The tactic enables them to limit the risk of discovery while maximising profit potential.
Ransomware hasn’t gone away
SonicWall recorded about 140 million ransomware attacks in the first half of 2023, down by 41% from last year.
However, it noted that the number of attacks have grown in April, May, and June — suggesting ransomware could rebound.
The warning echoes research firm Chainalysis’ recent report, which showed that online extortionists were on track to steal almost $900 million in crypto in 2023.
Have a tip on cryptojacking, hacks or another story? Reach out to me at email@example.com.