
Cryptominers Leaped Ahead of Ransomware in Q1 2018, Comodo Cybersecurity Threat Research Labs' Global Malware Report Shows

SAN FRANCISCO, April 17, 2018 /PRNewswire/ -- RSA CONFERENCE 2018 -- Comodo Cybersecurity, a global innovator and developer of cybersecurity solutions and a division of Comodo Security Solutions Inc., today announced the Comodo Cybersecurity Threat Research Labs' "Global Malware Report Q1 2018."

Comodo Cybersecurity's report is among the first to present Q1 2018 data, and the company's threat analysis shows a very different picture from 2017. Specifically, during the first three months of 2018, cryptominers surged to the top of detected malware incidents, displacing ransomware — which declined significantly in volume — as the number one threat.

Another surprising finding: Altcoin Monero became the leading target for cryptominers' malware, replacing Bitcoin. The reasons why are detailed in the report and the infographic.

The complete report is available online.

"Malware, like cyberspace itself, is merely a reflection of traditional, 'real-world' human affairs, and malware is always written for a purpose, whether it's crime, espionage, terrorism or war," said Dr. Kenneth Geers, chief research scientist at Comodo Cybersecurity. "Criminals' proclivities to steal money more efficiently were evident with the surge in cryptomining. And the continued strong correlation of attack volume with current geopolitical events shows hackers of all motivations are well aware of the opportunities major breaking news provides them."

For years, Comodo Cybersecurity has tracked the rise of cryptominer attacks, malware that hijacks users' computers to mine cryptocurrencies for the attacker's profit while remaining hidden from the PC's owner. The real surge, however, started in 2017 after Bitcoin skyrocketed to $20,000. Cryptominer attacks then leaped in 2018 as cryptocurrencies' market capitalization topped $264 billion, shifting the attention of cybercriminals from ransomware.

During Q1 2018, Comodo Cybersecurity detected 28.9 million cryptominer incidents out of a total of 300 million malware incidents, amounting to a 10% share. The number of unique cryptominer variants grew from 93,750 in January to 127,000 in March. At the same time, the data shows this criminal attention came at the expense of ransomware activity, with new variants falling from 124,320 in January to 71,540 in March, a 42% decrease.

Two key factors drove this surge. Unlike the one-and-done nature of ransomware — and the semi-custom nature of each target's variant — cryptominers are "the gift that keeps on giving." They persist on infected machines or websites because they often go unnoticed or are tolerated by users, who find a performance impact more acceptable than dealing with the issue. And the higher value of cryptocurrencies made mining worth the criminals' while.

Monero, the cryptocurrency best known for its secrecy level, took the dubious honor from Bitcoin of becoming the cryptominers' preferred target during the first quarter. According to Comodo Cybersecurity analysts, this is because its features favor cybercriminals: it hides transaction parties and amounts; cannot be tracked, blacklisted or linked to previous transactions; creates blocks every two minutes, providing more frequent opportunities for attack; and is designed for mining on ordinary computers.

Other highlights of the Comodo Cybersecurity report for the last quarter include:

  • Hackers subverted Coinhive, Crypto-Loot and other cryptocurrency mining services. These legitimate companies offer website owners a way to monetize their sites by allowing customers to willingly let their computers be used for mining. The very short JavaScript that enabled the opt-in service, however, was quickly stolen by cybercriminals and used for malicious purposes. The hackers' script has been spread widely and illegitimately worldwide by embedding the code into websites, Chrome extensions, typosquatted domains and malvertising, and it stealthily uses system resources without the user's permission to make money by mining cryptocurrencies.
  • Password stealers became more sophisticated and dangerous. Comodo Cybersecurity observed cybercriminals increasingly developing and updating malware with the goal of stealing users' credentials. Comodo Cybersecurity Threat Research Lab analyzed new variants of Pony Stealer, one of the most dangerous password stealers, which now demonstrates new capabilities both in stealing data and in covering its tracks.
  • Expect a ransomware resurgence. Ransomware attacks led the malware market in previous quarters, but showed a radical decrease in the number of overall detections, likely due to the shift to the low-hanging fruit of cryptominers. Ransomware's overall share of incidents dropped from 42% in August 2017 to just 9% in February 2018. Comodo Cybersecurity Labs cautions that new ransomware attacks may arrive in a changed guise, perhaps morphing into a weapon of data destruction — as seen with NotPetya — rather than a tool to extort a ransom.
  • Geopolitical malware detections correlate with current events around the world. In Q1 2018, Comodo Cybersecurity analysis yielded potential geopolitical correlations related to national elections in China and Russia. The company discovered correlations in Egypt, India, Iran, Israel, Turkey and Ukraine relative to military operations, along with other trends across Europe, Asia and Africa.
  • Hot zones identified by malware type. Countries that currently have the most acute challenges associated with Trojans, viruses and worms include Brazil, Egypt, India, Indonesia, Iran, Mexico, Nigeria, Philippines, Russia and South Africa. Countries in a higher socioeconomic category — that can afford more professional cyber defenses — are often plagued by a higher ratio of application malware. Finally, countries that possess unusual malware profiles, such as Belarus, China, Israel, Japan, Kazakhstan, Turkey, U.K. and Ukraine, are profiled in this Q1 2018 report.

Comodo Cybersecurity will host a webcast to discuss the findings with Dr. Geers, on Wednesday, May 9, 2018 at 1 p.m. EDT (register here).

For more information, download the Comodo Cybersecurity Threat Research Labs' "Global Malware Report Q1 2018."

Comodo Cybersecurity will highlight its integrated platform that helps small, mid-size and large businesses safeguard their data and systems against next-gen cyber threats at RSA Conference 2018, April 16-20, 2018 in San Francisco. Comodo Cybersecurity will demonstrate its endpoint security, network security, web and cloud security, and threat intelligence solutions at Booth #541 in the South Hall.

About Comodo Cybersecurity
Comodo Cybersecurity, a division of Comodo Security Solutions Inc. (CSS Inc.), is transforming cybersecurity with protection for endpoints, networks and web servers that is proven to be effective against the most advanced malware threats, including even new and unknown threats. Comodo Cybersecurity's innovative auto containment technology provides a trust verdict for every file, so that only safe files can run, without impacting user productivity or computer resources. With its global headquarters in Clifton, New Jersey, Comodo Cybersecurity also has international offices in China, India, the Philippines, Romania, Turkey, and Ukraine. For more information, visit comodo.com or our blog. You can also follow us on Twitter (@ComodoNews) or LinkedIn.

Contact:
Montner Tech PR
Deb Montner
[email protected] 
203-226-9290

View original content with multimedia: http://www.prnewswire.com/news-releases/cryptominers-leaped-ahead-of-ransomware-in-q1-2018-comodo-cybersecurity-threat-research-labs-global-malware-report-shows-300631080.html

SOURCE Comodo Cybersecurity
