After recent turbulence in the crypto market, Atlas VPN decided to analyze the cybersecurity side of the crypto landscape and found that new modifications of cryptojacking software used in the act of hijacking a computer and using it to mine digital assets against the user's will grew 3.8 times in the third quarter (Q3) of 2022. 

As many as 153,000 new variants of malicious mining software were detected by Kaspersky in Q3. In Q2, the number of new cryptojacking variants stood at around 41,000. 

However, data also revealed that the number of cryptojacking victims did not change significantly. In fact, it decreased slightly.

Analysts believe that fraudsters were trying to capitalize on the predicted growth in the crypto market. However, the predictions fell short, the market did not expand to new heights, and their strategy did not come to fruition. 

Nevertheless, cryptojacking is still one of the most common online threats. The number of victims each quarter ranges from 300,000 to 500,000.

Cryptojacking 101

Cryptojacking is a rather new threat, which emerged rapidly due to the impressive financial rewards of cryptocurrency mining. 

Cryptomining software hides on a computer or mobile device and exploits the machine's capabilities to "mine" different types of digital money known. 

The objective is profit, like with most harmful software, but unlike other dangers, it is meant to remain fully concealed from the user for as long as possible. 

Unfortunately, cryptojacking is very difficult to detect. However, decreased device performance, overheating, and excessive CPU consumption are some of the warning signs. 

Cryptomining malware delivery

Even though these types of threats are difficult to detect, they are not that special in terms of delivery. There are several techniques for disseminating miners, most of which are comparable to methods for spreading any other sort of malware. One of the most common means of miner delivery is through malicious files posing as pirated entertainment. Cybercriminals deliberately entice their victims by presenting them with popular films, music, games, and software in order to distribute dangerous mining programs. They can distribute them via torrent links as well as specifically designed landing pages.

While the approach mentioned above mostly impacts consumer devices, there are a variety of distribution strategies for sending miners to more powerful enterprise equipment. They include attacking the victim's server using leaked or brute-forced passwords, spreading worms via flash drives or network storage, and distributing miners via unpatched vulnerabilities in the operating system.