A “low and slow” approach to financially driven cyber attacks has overtaken ransomware as the chief attack vector for criminals seeking to extort money by stealth using crypto mining-based malware, according to research by British cybersecurity upstart Darktrace.
Although ransomware made headlines when it wrought havoc across the UK, Europe and America, most prominently with WannaCry, a new generation of malware is instead sitting quietly on users’ devices and in data centres to steal electricity and bandwidth to mine crypto currencies such as Monero.
According to Darktrace, throughout 2018 and into 2019 there had been increasing prominence of malware with crypto mining payloads, as well as the return of banking trojans.
Speaking with Computerworld UK, director of threat hunting at the company Max Heinemeyer, said that Darktrace had seen “very creative forms of crypto jacking going on”. Speculating as to why this shift was taking place, he said that it’s possible threat actors lost profit because ransomware victims may not have been tech-savvy enough to actually go onto Tor and make bitcoin payments.
“A better approach might be to go underground and use crypto mining because it is low and slow and guarantees a profit,” he said.