Consumer cryptomining has ‘gone the way of the dodo’, MalwareBytes

Consumer cryptomining – aka cryptojacking – “is essentially extinct,” according to a report released by cybersecurity company MalwareBytes.

“Marked by the popular drive-by mining company CoinHive shutting down operations in early March, consumer cryptomining seems to have gone the way of the dodo. Detections of consumer-focused Bitcoin miners have dropped significantly over the last year and even from last quarter, while business-focused miners have increased from the previous quarter, especially in the APAC region,” the report states.

Beapy

Last week, cybersecurity firm Symantec released research on a cryptojacking campaign, dubbed Beapy, impacting enterprises primarily in Asia, with more than 80% of its victims located in China. This uses stolen and hardcoded credentials to spread rapidly across networks, including patched machines, to collect credentials from infected computers.

Beapy is a file-based coinminer that uses email as an initial infection vector to deploy a backdoor that was also deployed in the 2017 WannaCry attacks. Activity was first seen in January and has been increasing since the beginning of March.

Key findings from the research include:

• This campaign demonstrates that while cryptojacking has declined in popularity over the past year, it is still holds appeal for some cyber criminals with enterprises now their primary target. 98% of Beapy’s victims are enterprises. This may indicate a continuation of a trend demonstrated by the Bluwimps worm in 2018 and mentioned in Symantec’s Internet Security Threat Report (ISTR) – an increased focus by cryptojacking criminals on enterprises.
• Beapy is a file-based coinminer, which is interesting as most of the cryptojacking activity seen by Symantec at the height of its popularity was carried out using browser-based coinminers. However, the company  also believes that CoinHive ceasing operations is likely to have a dramatic impact on browser-based cryptojacking. File-based coinminers also have a significant advantage over browser-based coinminers because they can mine cryptocurrency faster.

You can read about the full findings here.