Stealing sensitive company data might make headlines, but many cybercriminals still prefer installing cryptominers on compromised endpoints for quick, easy, and relatively harmless profit, new research has suggested.
A report from Atlas VPN and Trend Micro found cryptominers were the top malware family in 2021, with exactly 150,909 detections over the course of the year.
“Mining” cryptocurrencies such as bitcoin, or ether, requires heavy computational power, an active internet connection, and plenty of electricity. Crooks have learned of ways to install cryptocurrency miners on compromised devices, and have all the proceedings sent to their private wallet address.
Targeting businesses
Besides raking up the electricity bill for the victim, a cryptominer will often render the device unusable.
Threat actors most often targeted information and communication businesses with malware, discovering 561,753 malware files in emails sent to employees in the industry. Retail was second, with 397,072 weaponized emails sent, followed by the construction industry, with 356,952.
At the bottom of this list were the finance and manufacturing industries, receiving “just” 198,408, and 188,373 malware files, respectively.
Despite the relative popularity of cryptominers, they’re far from being the only virus being distributed around. Web shell scripts, which allow attackers to access sensitive content, or set up a ransomware attack, were detected 149,290 times.
The Ulise malware accounted for 145,321 detections in 2021, followed by WannaCry with 97,585 detections.
“Malware attacks enable attackers to profit off businesses simply and efficiently. Companies that become victims of cyberattacks often become vulnerable to data theft, hijacking, and other similar cyberattacks in the future,” commented cybersecurity writer at Atlas VPN, Vilius Kardelis.
“By employing good cybersecurity practices and applications, businesses can mitigate malware attack risks.”
