Cryptojacking, which is the most common way for cybercriminals, is the process of mining cryptocurrency using the processing power of the target computer and cloud CPU usage. With the attention of bitcoin, the notion of cryptocurrency has attracted great popularity. In addition, cybercriminals favored the cryptojacking technique of extracting cryptocurrency by planting malicious codes.
However, according to a recent ISTR report released by Symantec, the value of the cryptocurrency ‘Monero(XMR)’ has fallen to 90%, and the cryptojacking peaked at the beginning of 2018, but showed a 52% decline throughout the year. As the adoption of cloud and mobile computing has increased, both the effectiveness of attacks and the profit have fallen. However, cryptojacking should not be ignored as it is still attracting attackers with low entry barriers, minimal overhead and guaranteed anonymity.
At the same time, ransomware also shows a decline in overall attack activity and in profit. The number of infections by ransomware fell 20% last year, down for the first time since 2013. However, in 2018, the number of ransomware attacks against enterprises has risen by 12%, showing a contradiction to the overall downturn, which is a constant threat to them. In fact, more than eight out of ten ransomware infections are affecting the enterprises.
Furthermore, the ransomware is evolving. Ransomware is mainly targeting enterprises through e-mail with office files. The reason why enterprises are targeted is that they typically use Windows, do not back up important files well, and there will be a lot of profit when the attack succeeds. The certain ransomware families, such as a wanted SamSam, usually attack with a lot of ‘PowerShell’ scripts and mainly target medical institutions and local governments. In 2018, they already attacked at least 67 agencies, and the amount of extortion is estimated to reach $6 million.
According to the latest annual report of the IBM X-Force security research, the number of cryptojacking is more than double that of ransomware, as the ransomware attacks were greatly reduced last year. While the attempts to install ransomware on devices in the fourth quarter of last year were declined 45% from the first quarter, the increasing rate of cryptojacking attacks grew to 450%. The industries that received the most cyber-attacks include finance (19%), transportation (13%), service (12%), distribution (11%), and manufacturing (10%).
|▲ Cryptojacking is on the decline, but it cannot be ignored.|
As cryptojacking and ransomware are slowing down, a new form of crime has emerged among cybercriminals, which is ‘Formjacking’. Formjacking is a virtual ATM skimming that steals financial and personal information of individual users through card information and credit card fraud on online purchasing sites. According to Symantec’s reports, on average, over 4,800 websites appear to be infected with formjacking codes every month. It is estimated that cybercriminals will make at least tens of millions of dollars in revenue in 2018 in underground markets such as ‘Dark Web’.
Information that was hijacked by formjacking is sold for up to $45 for one credit card. In the case of British Air, where more than 380,000 pieces of credit card information were leaked, the offenders are expected to earn more than $17 million. Individual users cannot know whether visited online sites are infected without using a security solution, so their risk of identity theft and personal and financial information are likely to be exposed. For companies, the risk of attacking the supply chain as well as the risk of reputation or legal liability experienced during infection is increasing. Formjacking, which is continuously on the rise, is expected to continue in 2019 and beyond.
Cybercriminals are constantly intellectualizing and diversifying their methods of attack. Cryptojacking, which has been crammed with cryptocurrency, but the attack rate has fallen by 52% when the value and attack effect have fallen, and also ransomware has an attack pattern concentrated on enterprises that suffer greater than individuals. Though the attack has diminished, cybercriminals have evolved to develop more intelligent techniques and to use various other methods, such as formjacking, to launch various attacks.
As the attacking method is becoming more intelligent and diverse, users are advised to recognize and prevent the danger. In addition to the aforementioned cryptojacking, ransomware and formjacking, in 2019, security will be important in various aspects such as clouds, 5G and IoT devices. Users need to avoid crybercrimes as intelligent as the cyberciminals through improving their security awareness and getting more comprehensive training on threat limitations and corrective actions.
|▲ Formjacking is emerging as a new information extortion method.|