The UK saw cryptojacking attacks rise by 1,200 percent in the past few months, making it among the top five countries in the world in terms of the number of such attacks.
Cyber criminals are increasingly mining cryptocurrency using covert means like exploiting processing power of victims’ systems without informing them about such activities.
The UK today ranks fourth in the world in terms of cryptojacking attacks thanks to a sudden rise in the number of such attacks in the past six months, Symantec Threat Intelligence has revealed. As of now, only the United States, Japan, and France face more cryptojacking attacks compared the UK.
The firm revealed that in the past few months, incidents of cryptojacking, that involves hackers using the processing power of victims’ systems to mine cryptocurrency, rose by 1,200 percent in the UK, thereby revealed how widespread the entire operation is. In the past few months, Britain accounted for 4 percent of all cryptojacking incidents that took place around the world.
In February, a massive cryptocurrency mining operation forced the government to shut down hundreds of websites belonging to the Student Loans Company, several NHS services, and local councils. The operation was carried out by hackers who compromised a widely-used browser plug-in to spread their web to thousands of websites and subsequently mined cryptocurrency using the processing power of infected devices.
After the operation was discovered and urgent steps were taken to limit its spread, Andrew Douthwaite, VP Managed Services at VirtualArmour, told Express.co.uk that the cryptojacking operation could be the first of many such operations to take place in the UK.
“This method of thinking around how effective a ‘hack’ or ’attack’ is becoming more common, we are not seeing individual sites or companies being targeted, but common services, or ancillary third party plugins being targeted.
“This gives the attackers a much wider audience to hit at once, the third party companies developing the add-ons or additional services are generally smaller than the companies using them and therefore can be less stringent with their QA and security. Another example of this approach was the huge DDoS attack on the DNS provider Dyn – taking down, Twitter Netflix, Spotify to name but a few,” he said.
Despite a rapid increase in cryptojacking incidents, researchers believe such efforts aren’t as destructive as ransomware injections or phishing scams as hackers do not steal credentials or inject powerful malware into victims’ systems.
“The in-browser cryptocurrency miners are not installing anything on the victim’s machines, they’re not encrypting files. Even though they could potentially steal credentials, at the moment the attackers don’t want to,” Candid Wueest, a researcher at Symantec, told Sky News.
However, Steve Giguere, lead EMEA engineer at Synopsys, has warned that the technique that hackers employed last month to use government websites to mine cryptocurrency, could also be employed for DDoS attacks in the future.
“As hackers are always looking for a weak link, we can expect browser plug-ins will continue to be an active target to exploit the distributed horse-power of browser based computing. In this particular incident, a plug-in which would be used by organisations who have a large user base and have demonstrated in the past (WannaCry) a potential to be an easy target, no doubt incentivised the attackers,” he said.