Malicious Cryptocurrency Miners are Increasingly Targeting Linux

What is malware and How to Protect and Mitigate from it?

Cryptojacking’, the latest cybersecurity buzzword that involves ill-gotten gains from illicit cryptocurrency mining, is continuing to grow with 98.8% of variants of a common Linux/Downloader malware designed to deliver a Linux-based miner.

In a new internet security report from WatchGuard Technologies, a key finding reveals the growing threat of crypto-mining malware deployed by cyber criminals as a new tactic. The report pointed to several indicators that indicates that malware used to mine cryptocurrency by stealing processing power is on the rise.

“Our Threat Lab team has uncovered multiple indicators that suggest malicious crypto-miners are becoming a mainstay in cyber criminals’ arsenals and will continue to grow more dominant,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies.

Notably, he added:

“While ransomware and other advanced threats are still a major concern, these new crypto-miner attacks illustrate that bad actors are constantly adjusting their tactics to find new ways to take advantage of their victims.”

Nearly half (46%) of all malware observed was able to sneak past rudimentary and basic signature-based antivirus systems, pointing to advanced obfuscation techniques used by cybercriminals to beat traditional antivirus solutions. Curiously, the Asia-Pacific (APAC) region account for the highest malware volume after trailing to the likes of Europe, Middle-East, Africa and the Americas in recent years. 98% of APAC malware attacks were aimed at Singapore and India.

Further, malicious Microsoft Office documents continue to target U.S victims with one new exploit making the top 10 network attack list during Q1 2018, with 94.6% of this particular attack targeting stateside victims. Similarly, a drive-by download exploit targeting Internet Explorer saw 74% of its volume affecting U.S victims.

Image credit: