Hackers ditching ransomware in favour of less attention-grabbing tactics: Report

Cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods aimed at stealing money and valuable computing resources in countries across the globe including India, according to cybersecurity solutions firm Trend Micro.

A Trend Micro report titled ‘Midyear Security Roundup 2018’ shows that crypto-jacking attempts, where a hacker steals cryptocurrencies such as bitcoin from digital wallets, are making the biggest impact so far this year.

Trend Micro recorded a 96% increase in cryptocurrency mining detections in the first half of 2018 as compared to all of last year.

The firm said this indicates that cybercriminals are setting aside the quick payout strategy of ransomware - where systems are hijacked until cryptocurrencies are paid - in favour of the slower, behind-the-scenes approach of stealing computing power to mine digital currencies. 

Cryptomining is the process of validating transactions for various types of cryptocurrencies and adding them to the blockchain digital ledger. 

Several miners compete to authenticate a transaction by correctly decoding the cryptographic hash functions that are associated with a block containing the transaction data. The first miner to crack the code gets to authenticate the transaction and, in return for the service, gets a few cryptocurrencies.

A cybercriminal hijacks and uses the computational power of compromised assets (cryptomining computers) to add new blocks to the blockchain of digital currencies such as bitcoin, thereby benefiting from the rewarded cryptocurrencies.

Trend Micro also spotted another shift in the first half of the year towards unusual malware types, such as fileless, macro and small file malware.

It recorded a 250% increase in detections of one particular small file malware, TinyPOS, compared to second half of 2017, possibly because of the malware’s ability to resist short-sighted conventional security protection.

“The recent change in the threat landscape mirrors what we’ve seen for years – cybercriminals will constantly shift their tools, tactics and procedures (TTPs) to improve their infection rates,” said Jon Clay, director of global threat communications at Trend Micro.

Nilesh Jain, vice-president for Southeast Asia and India at Trend Micro, said that a few public cloud providers have also been compromised this year. 

“Next year, the customers who don’t take adequate measures for their applications or data which are hosted in public cloud, might even get compromised,” he said.