Unauthorized Cryptocurrency Mining Surged in 2017, Symantec Reports

In its tracking of attacks over the course of 2017, Symantec saw a lot of different types, but one attack class stood out: unauthorized cryptocurrency mining, also referred to as cryptojacking. In fact, there was an 8,500 percent increase in detected unauthorized cryptocurrency miners on endpoint computers in 2017, Symantec revealed on March 22 in volume 23 of its Internet Security Threat Report. Cryptocurrency miners are not limited to just Microsoft Windows operating system either, as Symantec also found attacks against Apple’s macOS as well. Other trends observed by Symantec include an increase in spam, as well more new ransomware variants in 2017 than in 2016. In this slide show, eWEEK looks at some of the highlights of the 89-page Symantec Internet Security Threat Report.

File-based detections of cryptocurrency coinminers on endpoint machines were 8,500 percent higher in 2017 than 2016, according to Symantec.

Symantec observed a direct correlation between the value of the Monero cryptocurrency, which is what most of the coinminer operations were mining, and the number of detected infections. In December 2017 alone, Symantec reported 1.7 million coinminer detections as the value of Monero surged to $321, up from only $12 in January 2017.

According to Symantec, it’s not just Microsoft Windows computers that are being impacted by unauthorized cryptocurrency miners. Apple macOS operating systems are also being targeted by cryptocurrency mining operations.

In 2017, Symantec found that 55 percent of emails were spam, up from 53 percent in both 2016 and 2015.

As part of its analysis into the techniques used by targeted attack groups, Symantec found that spear-phishing emails are the most popular attack vector.

After a decline in 2016, new ransomware variants grew in 2017. Symantec reported 350 new ransomware variants in 2017, up by 46 percent from 2016.

New mobile malware variants grew by 54 percent in 2017. Overall, Symantec reported that it blocked an average of 24,000 malicious mobile apps each day.

Attacks in 2017 came from all over the world, though the top source, at 21 percent, was China, according to Symantec. The U.S. came in second at 11 percent of attacks.