Spike in CryptoJacking and IoT threats in 2018 : McAfee Threat Labs December 2018 Report

McAfee Threat Labs December 2018 report highlighted crypto mining malware threats increased by 71% in the quarter ending December 2018. A sharp increase in malware targeting IoT (Internet of Things) devices is also highlighted.

Cryptojacking is an unauthorized use of smart devices including computers to mine cryptocurrencies. In order to do so, Coin mining malwares are used.

Malware targeting IoT devices grew by 72% in December ending quarter and total malware targetting IoT devices grown by 203% in 2018 as compared to the previous year 2017. The report highlighted the possible exploitation of volume of IoT devices leveraging their high numbers over their limited CPU processing power for crypto jacking purpose.

New coin mining malware grew by 55% in December ending quarter and total malware growing to 4,467% in 2018 as compared to the previous year.

Snip from https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-dec-2018.pdf

The report stated that most of the times messengers such as slack, telegram and discord channels prompted users to download software. Single bash oneliner opens a reverse shell to the malicious server in case of OSX.Dummy malware allowing an attacker to gain access to the system.

In scenarios, highlighted in the report, where attackers exploited unpatched MikroTik routers. Security researcher Troy Mursch detected more than 3,700 compromised devices serving as miners.