The just concluded study by a cybersecurity firm shows a decline in cases of ransomware by mid-2023. The analysis revealed that the education sector emerged as the target for cybercriminals. The sector suffered 320X more cryptojacking by June 2023 than in 2022.
The cybersecurity firm observed that the market downturn witnessed at the onset of 2023 featured more attacks. SonicWall noted that traditional ransomware is declining as most businesses fail to settle payments. Nevertheless, the report indicated that cryptos are still leveraged to extort victims.
SonicWall noted that 332.3 million cryptojacking attacks occurred within the first half of 2023. The frequency of cryptojacking saw a 399% increase compared to the 2022 stats. The analysis showed that these year’s incidents surpassed the 2020, 2021, and 2022 aggregate.
Cryptojacking involves exploiting devices and servers owned by other parties to utilize them for mining digital assets. The analysis shows that privacy-centric Monero was the most frequent. SonicWall warned that the cryptojacking victims are unaware of the attack. The report indicated that cryptojacking is noticeable when machines run slower than usual.
Higher Electricity Bills and Excessive Fan Utilization are Cryptojacking Symptoms
SonicWall vice president within the EMEA region, Spencer Starkey, indicated that cryptojacking symptoms are the slower responses witnessed on the devices. Surprisingly, the attacks are likely to lead to higher electricity bills. Also, the devices suffer excessive fan utilization as batteries become overheated.
Starkey observed that cryptojackers involve undetected victimless crime and may become undetected for longer. It differs from the impactful malware trend, where banking trojans and ransomware are easy to detect.
SonicWall warns that declining Bitcoin prices could encourage malicious actors to heighten their criminal activities. The research shows market downturns usher in frequent attacks as criminals pursue profits.
SonicWall chief executive Bob VanKirk noted that threat actors portray relentless energy with data supporting their opportunistic conduct. In particular, they target learning institutions, retail organizations, and local and state governments. The trend shows malicious actors are pursuing the less expensive alternative that guarantees quick and less risky earnings.
The midyear report ranked the US, Denmark, and Germany as the worst hit by cryptojacking incidents. Joining the top victims are France and the UAE as jurisdictions worst hit by the cryptojacking. The study showed that the Europe bloc witnessed a 788% increase in cryptojacking incidents.
Cryptojacking Camouflages Illicit Activities in HonkBox Malware
The SonicWall study shows a trend where cybercriminals continually adjust their tactics to camouflage their illicit activities. A preferred approach detected in recent months involves the distribution of HonkBox cryptojacking malware. Its distribution is concealed in the cracked version of the popular video editing software Final Cut Pro. SonicWall observed that nothing comes for free.
Malicious actors deploying cryptojacking lack scruples despite the action appearing kinder than encrypting files and threatening to release unless paid in Monero. While cryptojackers do not demand payment via private currency, the actors target the most vulnerable parties.
The healthcare sector suffered 69X incidents by mid2023 compared to the same period in 2022. The education sector was an unfortunate victim by registering 320X more attacks.
Product security vice president at SonicWall, Bobby Cornwell, indicated that hackers preferred identifying the vulnerable points to gain entry. Hackers consider entry points with the least repercussions and risk, optimizing the potential profits.
Cryptojacking Set to Dominate Threat Actor Ecosystem
Starkey warned against writing off the threat posed by ransomware. He cited the downturn incident witnessed by the UK’s National Health Service (NHS) in 2017 and the slowing of the Colonial Pipeline in 2021 as the inherent threat posed by ransomware. The sobering figures illustrate that crypto-hungry hackers may strike at anytime.
Starkey observed that the cryptojacking vice had gained state-backed status alongside insider-staged attacks by employees who deploy the mining on the corporate infrastructure.
Starkey warns that the adoption of cryptojacking would continue despite the discovery of footprint. Actors are motivated by the generous return on investment for the actors. Cryptojacking practices would gradually become widespread as the preferred channel within the threat actor ecosystem.