Cryptojacking is Losing Traction in the Second Quarter of 2018 - Malwarebytes Report

For nearly a year now, cryptojacking has become one of the quickest-growing attack vehicles for hackers all over the world, promising immense profits with a minimum effort. CoinHive, a provider of mining scripts so that websites can use their visitors’ CPUs as an alternative to advertisements, has been a great facilitator for this trend.

However, the number of cryptojacking incidents hit a plateau in the second quarter of the year, according to the latest “Cybercrime Tactics and Techniques” report by Malwarebytes.

“Cryptomining detections are slowly declining; however, as one of the top two detections for both businesses and consumers, they still dominate the threat landscape… Ultimately, many criminals aren’t getting the return on investment from cryptomining they were expecting. The cryptojacking craze will likely stabilize as it follows market trends in cryptocurrency; however, a massive spike or downturn in the currency market could quickly impact those numbers one way or the other,” Malwarebytes wrote.

Thus far, it’s been difficult to measure just how much one specific cryptojacker would make out of such an operation. Most of these hackers would use Monero, a cryptocurrency that specializes in hiding the balances of wallet holders.

The answer to this mystery, however, may as well be “not much” as we’re seeing a slight downward trend in the number of cryptojacking incidents as a whole.

On the flip side, it’s easy to suspect that the decline may be due to traditional cryptomining malware losing its appeal. This is because most of the older software would mine Bitcoin, which is no longer very easy to attain or profitable to mine. Monero, on the other hand, is still somewhat easy to mine and even easier to build mining malware for. A simple XMRig payload would be enough for any malware to do its bidding.

Despite the conclusion of Malwarebyte’s researchers, it’s quite possible that cryptomining malware will continue to be one of the most serious issues in cybersecurity for the foreseeable future.