Cryptominers and ransomware on rise in Q3 2021 — Kaspersky

According to the Kaspersky research, the number of unique users encountering cryptominers grew from June to August 2021, correlating with the value of Bitcoin, peaking 150,000 users in September.

Meanwhile, Kaspersky encountered a total of 46,097 new modifications of miners, programs downloaded onto users’ devices that extract cryptocurrency from infected systems, in Q3 — an increase of around 47% compared to the number of modifications found in Q2.

Also on the rise this past quarter were ransomware Trojans, with total users encountering ransomware attacks increasing by around 11% to 108,323, compared to Q2. This number peaked in September at 46,000.

Previous research from cyber security and anti-virus provider Kaspersky found a drop in DDoS attacks, which was believed to have been connected to a rise in cryptomining.

Utilising a post-breach mindset for ransomware

Rich Armour, senior advisor, and Edgard Capdevielle, CEO of Nozomi Networks, discuss how a post-breach mindset can lend itself towards efficient ransomware attack preparation. Read here

“What we’ve seen for a long time is that cyber criminals follow the trends both within the cyber security landscape and society as a whole,” said Evgeny Lopatin, security expert at Kaspersky.

“Cryptocurrency has been in the spotlight in the second half of the year — as has ransomware — so it’s not surprising malicious actors would want to profit off these trends.

“Whether or not the value of Bitcoin has a direct effect on the use of miners is impossible to say, but I could certainly be a contributing factor.

“However, the statistics here represent a positive: it represents the number of users that encountered miners or ransomware on their computer that were then blocked by the security products installed. Threats may grow, but users can still stay safe.”

Recommendations for mitigating cryptomining and ransomware threats

To stay safe from both ransomware and cryptominers, Kaspersky experts recommend:

  • Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.
  • Use a dedicated security solution with application and web control, to minimise the chance of cryptominers being launched; behaviour analysis helps to quickly detect malicious activity, while a vulnerability and patch manager safeguards against cryptominers that exploit vulnerabilities.
  • Ensure regular backup of important files. A safe option is to create two copies: one to be stored in the cloud, and the other recorded to a physical means of storage, e.g. portable hard drive, thumb drive, extra laptop.
  • Fine-tune anti-spam settings to avoid threats from malicious email messages mimicking notifications from an online store or a bank, and never open attachments sent by an unknown sender.
  • Enable the ‘Show file extensions’ option in the Windows settings. This will make it much easier to distinguish potentially malicious files with extensions like “exe”, “vbs” and “scr”. Scammers could use several extensions to masquerade a malicious file as a video, photo, or a document (such as hot-chics.avi.exe or doc.scr).
  • Use a robust security solution to protect your system from ransomware, which prevents viruses from getting into your computer, or, should the virus infiltrate your system, protect important files using a special capability.
  • If you are unlucky to have your files encrypted, don’t pay the ransom, unless instant access to some of your files is critical.

Avatar photo

Aaron Hurst

Aaron Hurst is Information Age's senior reporter, providing news and features around the hottest trends across the tech industry.