McAfee Labs Sees Criminals "Infect and Collect" in Cryptocurrency Mining Surge
Posted in: Legal & Security at 27/06/2018 22:06
McAfee, the device-to-cloud cybersecurity company, today released its McAfee Labs Threats Report: June 2018, examining the growth and trends of new malware, ransomware, and other threats in Q1 2018. McAfee Labs saw on average five new threat samples every second, including growth in cryptojacking and other cryptocurrency mining malware, and notable campaigns demonstrating a deliberate drive to technically improve upon the most sophisticate established attacks of 2017.
“There were new revelations this quarter concerning complex nation-state cyber-attack campaigns targeting users and enterprise systems worldwide,” said Raj Samani, chief scientist at McAfee. “Bad actors demonstrated a remarkable level of technical agility and innovation in tools and tactics. Criminals continued to adopt cryptocurrency mining to easily monetize their criminal activity.”
Cryptojacking malware on the rise, says McAfee [registration]
Malware that steals computing power to generate cryptocurrencies increases 600%
‘McAfee Labs Threats Report’ Spotlights Innovative Attack Techniques, Cryptocurrency Mining, Multisector Attacks
In the McAfee Labs Threats Report June 2018, published today, we share investigative research and threat statistics gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q1 of this year. We have observed that although overall new malware has declined by 31% since the previous quarter, bad actors are working relentlessly to develop new technologies and tactics that evade many security defenses.
These are the key campaigns we cover in this:
- Deeper investigations reveal that the attack targeting organizations involved in the Pyeongchang Winter Olympics in South Korea used not just one PowerShell implant script, but multiple implants, including Gold Dragon, which established persistence to engage in reconnaissance and enable continued data
- The infamous global cybercrime ring known as Lazarus has resurfaced. We discovered that the group has launched the Bitcoin-stealing phishing campaign “HaoBao,” which targets the financial sector and Bitcoin
- We are also seeing the emergence of a complex, multisector campaign dubbed Operation GhostSecret, which uses many data-gathering implants. We expect to see an escalation of these attacks in the near future.