During the summer, the researchers security they noticed one increase in the number of attacks with cryptomining malware.
The main reason for this sudden increase is its rejuvenation cryptocurrency market. Trading prices began to recover after the sharp decline at the end of 2018.
Most cryptomining campaigns, which took place during this time, targeted it Monero. This particular cryptocurrency, also known as XMR, tripled its value during the summer, reaching about 115 dollars. This increase did not go unnoticed by them hackers.
Criminals focused on this and began to carry out more and more cryptomining attacks aimed at Monero.
Most attacks have been recorded since late May. Security companies have been constantly reporting new incidents. Many times, there were updates on daily attacks.
Cryptomining malware has begun to form a threat in the late 2000, when Bitcoin also appeared. Initially, malicious hackers created malicious software that targeted it Bitcoin. However, its mining became more difficult and hackers began to turn to other cryptocurrencies.
Monero has slowly become the favorite target of criminals. However, the campaigns began to become more organized when Monero reached its highest price (480 dollars) at the end of 2017 with the launch of 2018.
At that time, most hacking teams created malicious Monero mining programs and carried out attacks. It had become the most common form of malware.
The most popular campaign groups were: Digmine, Hexmen, Loap, Zealot, WaterMiner, CodeFork, Bondnet, Adylkuzz, CoinMiner, Linux.BTCMine.26, Zminer, DevilRobber, PyCryptoMiner, RubyMiner and MassMiner.
From mid to late 2018, Monero's price dropped significantly. This also resulted in a reduction in attacks. They didn't stop completely, but they were done on a smaller scale.
Now as the value of cryptocurrency rises, attacks are again becoming more frequent.
Cryptomining ……. summer
Here are some of the most popular summer cryptomining campaigns.
May 2019 -RIG exploit kit: Researchers found that the Kit used a Monero miner as the final payload. The crypto-miner targeted Windows desktop users.
June 2019: A new malware, named after, is discovered BlackSquid. It targets both Windows and Linux servers.
June 2019: One botnet (Botnet AESDDoS) used to carry out DdoS attacks, began spreading malware for Monero mining.
June 2019: An anonymous campaign that affected webservers and used cronjob.
June 2019: Researchers have discovered a new malware, named Plurox. The main target was Windows.
June 2019: The hackers used another software, the LoudMiner, which targets both MacOS and Windows.
June 2019: Researchers describe a Monero mining campaign in which hackers scan the Internet for devices Android that exposed their ADB.
July 2019: The WatchBog Cryptocurrency-mining botnet affected over 4.500 Linux machines.
August 2019: The Smominru botnet it was used for mining Monero but also for stealing credentials.
August 2019: Security researchers have discovered a new crypto-miner, known as Norman. Targets only Windows systems.
September 2019: - New Skidmap Linux malware was used to install cryptominer on web servers. Targets only Debian and RHEL / CentOS systems.
September 2019: The latest cryptomining campaign revealed yesterday, comes from the team Panda. It uses known exploits published by other groups and affects web servers.
The above campaigns show that hackers were very active during the summer. Some groups have preferred to use well-known cryptomoning software or to develop others to be used for cryptomining, while others have developed new ones.
What has been found is that as Monero's price increased, new software began to appear.
Changes in the value of cryptocurrencies could be an early warning to increase or decrease cryptomining attacks.
The good thing is that when a particular type of attack is frequent, The Companies security are familiar and are beginning to provide better protection.