Study: Five Million Russians Cryptojacking Victims in September 2018

Study: Five Million Russians Cryptojacking Victims in September 2018

According to a new report from cybersecurity firm Avast, 5 million Russians fell victim to cryptojacking in September 2018 — a massive spike from the previous month. Avast said the timing of this spike suggests hackers initiate mining when they anticipate a jump in crypto prices,  considering that this new data mirrors hacking patterns from late 2017. 

Also see: Next Up: BAT Pumps After Coinbase Pro Listing Announcement

Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts

Hackers Buzzing for Price Pumps

According to Avast analysts, the number of Russians who were attacked by cryptojacking botnets — networks of hacked computers used to mine crypto — in September 2018 was more than 5.1 million. That was up from the 1.7 million Russian victims in August.

Avast found that the attacks peaked in Russia in December 2017, when as many as 34 million Russians fell prey to the vector.

Cryptojackers are on the rise in Russia this fall.

Avast threat intelligence director security Mihal Salat said the spike of attacks in September suggested hackers were anticipating significant price increases that will mirror the cryptoeconomy’s Q4 2017 growth.

Per Salat:

“One of the reasons why cybercriminals strengthen the attacks in periods when cryptocurrency prices are high is because they have losses too. They need to maintain their own websites, develop the algorithms of infecting the other websites, as well as to take care of the command servers. That’s why hidden mining is profitable only during a certain periods of time. For example, when the cryptocurrency prices are higher than usual.”

The New Coin Factor

The new Avast study showed Monero (XMR) was the most popular cryptocurrency among cryptojackers in Russia, a dynamic that’s been echoed by other cryptojacking analyses in the past.

However, Avast reported that a significant volume of associated software is intended to mine new cryptocurrencies, not the mainstream ones.

“This model is so attractive because, after the fresh tokens are released, they remain at the price peak, but after some time, the price begins to slowly fall down,” the researchers noted.

“The hackers exchange mined new coins to the most popular ones, and then convert those to rubles or dollars.”

People Are Aware of Crypto … But Not the Details

In July 2018, Avast published survey results on cryptojacking incidents in Russia.

The survey showed that 32 percent of the 2,000 Russian participants had no idea that their devices could be used for mining. Furthermore, 20 percent of respondents said at the time they would rather allow permissioned mining than be subjected to animated site ads. Amazingly, 95 percent of the survey participants said they were aware of cryptocurrencies.

On a related note, the CheckPoint research agency noticed in September 2018 that the number of cryptojacking attacks on Apple devices with Safari had increased by 400 percent compared to August.

To coerce victims’ computing power, cryptojackers often use the Coinhive browser mining script, with the Dorkbot and Cryptoloot scripts being other popular options.

Are there any suspicious performance issues with your PC or phone when some websites are opened in your browser? Let us know in the comments below.


Images by Jeff Fawkes, Pixabay

Related News