As the cryptocurrency market continues to grow, Secureworks’ CTU research team is seeing an increased number of cryptocurrency mining malware attacks. There was a significant increase in alerts for cryptocurrency mining traffic across the Secureworks client base from May 2017 through February 2018 (jumping from approximately 15,000 alerts in May to as much as 280,000 alerts in October), at a rate which broadly mirrored the increasing value of BitCoin and other cryptocurrencies. Secureworks Incident Response analysts have seen unauthorised currency mining in a large proportion of engagements they have worked, particularly in the second half of 2017.
Unauthorised cryptocurrency mining can cost an organisation in hardware and energy, and in the shorter term can also cause critical servers and applications to become unavailable as their processing capacity is consumed. Even more worrisome is the fact that the threat actors, who have infected the computers with cryptocurrency mining malware, can and will deploy additional malware onto these systems, such as banking trojans or ransomware.
You can find a copy of the Cryptocurrency Mining Malware Landscape report here.