The company released a report focused on Q2 of 2020 which reveals some of the major trends in the cybersecurity space during April, May, and June 2020.
A major takeaway is a spike in the number of browser-based cryptojacking incidents this year, which increased by 163 percent in comparison to Q1 of 2020.
Symantec highlights the fact that this covert modus operandi of computer hijacking had declined considerably in 2019 due to the fact that browser-based mining script maker CoinHive had been shut down in the first quarter of last year.
The cybersecurity firm’s proprietary software has blocked a considerable amount of cryptojacking events in 2020 and suggests that the increasing value of cryptocurrencies this year has incentivised cybercriminals to ramp up their cryptojacking initiatives.
Cryptojacking usually involves attackers installing software on a user’s computer that covertly mines cryptocurrency with the use of that machine’s processing power. Users are often unaware that their machine is being used to slowly mine cryptocurrency.
Source (Symantec): Symantec data shows a surge in blocked cryptojacking events by its software.
There are a plethora of different methods that attackers use to carry out infect machines with cryptojacking malware. Some attackers have even gone after the biggest software service providers to access a massive base of users.
As reported earlier this month, cybercriminal group TeamTNT had deployed a crypto-mining worm that allowed the group to infect servers that allowed them to gain access to Amazon Web Services (AWS) credentials.
The group would then install cryptojacking malware that mined Monero using the XMRig mining tool through cloud based services.
Ransomware still a big concern
While the Symantec report shines a spotlight on the increasing amount of cryptojacking incidents, there still seems to be a bigger threat and more lucrative payday for hackers and criminal groups carrying out ransomware attacks.
As previously reported by The Daily Chain, the Netwalker ransomware attack has led to the to over $25mln worth of Bitcoin being paid by victims to attackers in order to regain access to encrypted files and systems.
The Netwalker ransomware was first identified in August 2019 and has been somewhat of a cash cow for cybercriminals. It is a far more aggressive and crippling vector of attack, in comparison to a cryptojacking malware which can operate for extended periods of time before a user even knows that their hardware is being used for illicit mining.