Wednesday November 13, 2019

Quick Heal: Cryptojacking Emerging as Alternative to Ransomware

As more cybercriminals leverage cryptojacking as a lucrative channel of generating illicit revenues, Quick Heal Security Labs researchers expect these numbers to grow even further


With more than three million hits globally in the first five months of this year, cryptojacking, a form of cyber-attack in which hackers hijack the infected system’s processing power to mine cryptocurrency, is fast emerging as an alternative to ransomware, according to IT security firm Quick Heal.

The number of mobile cryptojacking malware variants has also grown from eight in 2017 to 25 by May 2018, marking a three-fold increase, Quick Heal said in a statement on Monday.

“Cryptojacking is emerging as a more cost-effective and efficient alternative to ransomware. With a ransomware attack, there is no guarantee that hackers will be paid a ransom,” said Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies.

“Cryptojacking, on the other hand, is empowering hackers to make use of infected endpoints for swifter and more assured financial gains,” Katkar said.

As more cybercriminals leverage cryptojacking as a lucrative channel of generating illicit revenues, Quick Heal Security Labs researchers expect these numbers to grow even further.


As opposed to ransomware, cryptojacking attacks remain almost undetected, enabling attackers to use the compromised systems to mine cryptocurrencies for as long as they want.

They are also easier to deploy than ransomware attacks. All a hacker needs to do is drop cryptomining code on your system without your knowledge through an infected link or file.

Another commonly used method is to infect websites and pop-up ads with a JavaScript-based cryptomining script, which is triggered when you click on infected ads or visit compromised websites.


In such instances, attackers do not even need to install any code; just opening the infected link is enough to turn your system into a cryptomining machine and generate instant returns on investment for the hacker, Quick Heal said.

System owners should deploy a robust security solution as a means of combating cryptojacking attacks, it added. (IANS)


New Encryption Ransomware that Exploits Windows Vulnerability Identified

The vulnerability CVE-2018-8453 that the ransomware uses was earlier found to be exploited by the FruityArmor hacking group


Researchers at cybersecurity firm Kaspersky have uncovered new encryption ransomware named Sodin which exploits a recently discovered Windows vulnerability to get elevated privileges in an infected system. The ransomware takes advantage of the architecture of the central processing unit (CPU) to avoid detection – functionality that is not often seen in ransomware.

“Ransomware is a very popular type of malware, yet it’s not often that we see such an elaborate and sophisticated version: using the CPU architecture to fly under the radar is not a common practice for encryptors,” said Fedor Sinitsyn, a security researcher at Kaspersky.

“We expect a rise in the number of attacks involving the Sodin encryptor, since the amount of resources that are required to build such malware is significant. Those who invested in the malware’s development definitely expect it to pay off handsomely,” Sinitsyn added.


The researchers found that most targets of Sodin ransomware were in the Asian region: 17.6 per cent of attacks have been detected in Taiwan, 9.8 per cent in Hong Kong and 8.8 per cent in the Republic of Korea.


However, attacks have also been observed in Europe, North America and Latin America, Kaspersky said, adding that the note left on infected PCs demands $2500 worth of Bitcoin from each victim. The vulnerability CVE-2018-8453 that the ransomware uses was earlier found to be exploited by the FruityArmor hacking group. The vulnerability was patched on October 10, 2018, Kaspersky said.

To avoid falling victim to Sodin threats, make sure that the software used in your company is regularly updated to the most recent versions, said Kaspersky researchers. Security products with vulnerability assessment and patch management capabilities may help to automate these processes, they added. (IANS)