14 DAY TRIAL // As reported by Webroot in their mid-year threat report, cryptojacking now leads the threat charts, surpassing ransomware as the most dangerous threat for the first half of 2018.
Cryptojacking being the top threat is not a surprise given that bad actors have been observed throughout 2018 moving to simpler to use and implement attacks such as illegal cryptocurrency mining.
Furthermore, cryptojacking was the preferred method of compromising targets especially since this type of attack leaves very little traces behind and it can be used exploit a multitude of platforms and operating systems, ranging from computers and mobile devices to IoT devices such as TVs and routers.
Most bad actors used cryptojacking to mine for Monero since going for Bitcoin is a little bit more problematic because this type of crypto coin needs to be laundered because of its public blockchain.
Monero, on the other hand, features an anonymous blockchain and can be mined using systems with minimal resources, unlike Bitcoin which needs powerful mining rigs with modern GPUs for reasonable efficiency.
Cybercriminals prefer cryptojacking to other types of attacks because of its smaller system footprint and ease of implementation
Ransomware attacks, last year's top threat, has moved to other ways of exploiting target systems, going from phishing and brute force to scanning for and exploiting Remote Desktop Protocol (RDP) based vulnerabilities.
Webroot's analysis uncovered that ransomware's threat level severely decreased once more users migrated to the more secure Windows 10 operating system, with 40% of businesses and 75% of home users switching.
Targeted social engineering and phishing were both on the rise in H1 2018, with the number of phishing attempts rising by 60% from January to June 2018.
Additionally, phishing was behind 93% of data breaches in the first six months of 2018 and 22% of employees having clicked at least one malicious link during the last twelve months.
To conclude, cryptojacking is the new top threat during H1 2018, with ransomware and botnets becoming more and more sophisticated and gaining new capabilities, from self-propagation to stealing credentials and persistence.
