March 12, 2019

Positive Technologies: hackers began to use viruses for mining two times less.


The number of cases of cyber attacks using miner viruses has almost halved in 2018. In the first months of the year, such attacks accounted for 27% of the total number of cybercrimes, at the end of the year this figure dropped to 13%.

Company analysts explain this behavior of hackers by the fall of the cryptocurrency rate. With the current course, attacks become less profitable and cannot bring in enough revenue, so hackers make more active use of social engineering, unlike in 2017, when such attacks were extremely common. While maintaining a negative trend in the market, the level of attacks for the purpose of hidden mining or attacks on miners will continue to decline this year, experts predict.


At the same time, the total number of cyber attacks is increasing. In 2018, they were a quarter more compared to last year. As a percentage, the types of hacker attacks are distributed as follows:


  • Spyware - 26%
  • Software for remote control of the device - 20%
  • Miner - 13%
  • Loader - 13%
  • Cipherman - 13%
  • Banking Trojan - 7%
  • Software for advertising and promotion - 4%
  • Software that removes data - 2%
  • Other - 2%

At the same time, the role of social engineering in attacks on organizations and individuals is growing. At the end of 2017, the share of attacks with the use of social engineering was only 11%, in a year the figure increased almost threefold - to 31%. In 2019, this trend will continue, experts say.

Experts say that the reason for the popularity of social engineering is an insufficient level of computer literacy: a large number of Russian citizens still do not use the Internet and smartphones. This category of people is very vulnerable to attackers when it begins to take its first steps on the network. In addition, social engineering is not expensive.

Currently, more and more users are installing software from official sites or applications. This is evidenced by research "Kaspersky Lab". However, in response to this, hackers inject malicious codes into programs in official stores, which leads to the infection of users' computers and smartphones.

The most common sources of virus attacks are app stores, Internet resources and email. The rise in cybercrime is due to the fact that malware is becoming more and more accessible. Soon, attackers will be able to buy ready-made viruses, rather than programming their own, according to a study by Positive Technologies.

An example is the Cutlet Maker service, which could be bought on the Internet and which was used to rob ATMs.

Note that IBM X-Force also conducted a study on cybercrime and came to the conclusion that the number of cryptojacking cases increased 4.5 times over the year. For the same year, the prevalence of ransomware viruses has decreased. Experts called the advantage of cryptodzheginga constant, albeit small, income. At the same time, IBM X-Force data does not correspond to the research of Kaspersky Lab, which claims that the level of cryptodikeking has increased only by 40%. According to the researchers, the most popular coin for cryptodikeking is Monero, in second place is Bitcoin, in third place is Zcash.

Also note that in January a virus was discovered in China, attacking miners and demanding payments. Malicious software blocked the work of mining farms and demanded a ransom, or changed the address of the purse to which the coin was lined.