McAfee Labs has once again published an overview of the current threats in cyberspace. Crypto enthusiasts also have reason to be worried.
IT security firm McAfee Labs has released its August 2019 threat report. The report provides an overview of viruses and other cyber threats for the first quarter of 2019, including some malware relevant to the crypto space. In particular, McAfee Labs has seen a significant increase in cryptojacking incidents.
McAfee Labs published the report on its website on August 28. According to the report, cryptojacking campaigns grew 29 percent in the first quarter of 2019. In addition, IT experts observed a 118 percent increase in ransomware attacks over the same period. Such attacks are increasingly targeting businesses. The report's authors note that despite increasingly sophisticated technology, most attacks still rely on social engineering and human error for their success.
Cryptojacking Affects Both Windows and Mac
In cryptojacking, hackers infect devices with viruses in order to misuse their computing power to mine cryptocurrencies. The infected devices are connected together to form huge botnets. McAfee Labs catalogued threats targeting both Windows and Mac devices.
A prominent example is PsMiner. The malware spreads like a Trojan and targets servers. After a successful infection, PsMiner uses a PowerShell command to install a Monero miner. The cryptocurrency Monero (XMR) is particularly attractive to criminals because of its anonymity, and the computing power of home computers is sufficient to mine it. In fact, only a few days ago the French police succeeded in uncovering a huge Monero-mining botnet. The hackers who were caught had infected 850,000 computers.
McAfee Labs also describes CookieMiner as a new piece of malware. It targets Apple devices, and its primary function is to steal credentials and wallets. The data theft is automated: the malware steals data from crypto exchanges such as Binance, Bitstamp, Bittrex, Coinbase, MyEtherWallet and Poloniex. The name of the malware says it all, because CookieMiner steals not only credentials but also browser cookies. This is intended to circumvent the two-factor authentication of most crypto exchanges.
In addition to stealing data, CookieMiner also installs a program to mine Koto, a relatively unknown cryptocurrency from Japan. While Bitcoin requires an expensive GPU to mine, Koto has the advantage that a CPU is sufficient. After all, a CPU is present in every computer.