Cryptojacking incidents in the UK rose by 1,200% in last few months

Cryptojacking incidents in the UK rose by 1,200% in last few months

Cryptojacking incidents in the UK rose by 1,200% in last few months

The UK saw cryptojacking attacks rise by 1,200 percent in the past few months, making it among the top five countries in the world in terms of the number of such attacks.

Cyber criminals are increasingly mining cryptocurrency using covert means like exploiting processing power of victims’ systems without informing them about such activities.

The UK today ranks fourth in the world in terms of cryptojacking attacks thanks to a sudden rise in the number of such attacks in the past six months, Symantec Threat Intelligence has revealed. As of now, only the United States, Japan, and France face more cryptojacking attacks compared the UK.

The firm revealed that in the past few months, incidents of cryptojacking, that involves hackers using the processing power of victims’ systems to mine cryptocurrency, rose by 1,200 percent in the UK, thereby revealed how widespread the entire operation is. In the past few months, Britain accounted for 4 percent of all cryptojacking incidents that took place around the world.

In February, a massive cryptocurrency mining operation forced the government to shut down hundreds of websites belonging to the Student Loans Company, several NHS services, and local councils. The operation was carried out by hackers who compromised a widely-used browser plug-in to spread their web to thousands of websites and subsequently mined cryptocurrency using the processing power of infected devices.

After the operation was discovered and urgent steps were taken to limit its spread, Andrew Douthwaite, VP Managed Services at VirtualArmour, told that the cryptojacking operation could be the first of many such operations to take place in the UK.

“This method of thinking around how effective a ‘hack’ or ’attack’ is becoming more common, we are not seeing individual sites or companies being targeted, but common services, or ancillary third party plugins being targeted.

“This gives the attackers a much wider audience to hit at once, the third party companies developing the add-ons or additional services are generally smaller than the companies using them and therefore can be less stringent with their QA and security. Another example of this approach was the huge DDoS attack on the DNS provider Dyn – taking down, Twitter Netflix, Spotify to name but a few,” he said.

Despite a rapid increase in cryptojacking incidents, researchers believe such efforts aren’t as destructive as ransomware injections or phishing scams as hackers do not steal credentials or inject powerful malware into victims’ systems.

“The in-browser cryptocurrency miners are not installing anything on the victim’s machines, they’re not encrypting files. Even though they could potentially steal credentials, at the moment the attackers don’t want to,” Candid Wueest, a researcher at Symantec, told Sky News.

However, Steve Giguere, lead EMEA engineer at Synopsys, has warned that the technique that hackers employed last month to use government websites to mine cryptocurrency, could also be employed for DDoS attacks in the future.

“As hackers are always looking for a weak link, we can expect browser plug-ins will continue to be an active target to exploit the distributed horse-power of browser based computing. In this particular incident, a plug-in which would be used by organisations who have a large user base and have demonstrated in the past (WannaCry) a potential to be an easy target, no doubt incentivised the attackers,” he said.

Copyright Lyonsdown Limited 2021

Top Articles

COO of network security firm indicted for hacking into hospital network

A 45-year-old Chief Operating Officer of network security company in Atlanta, Georgia was indicted this week for launching a cyber attack on Gwinnett Medical Center.

McDonald's data breach: Employee and customer data stolen by hackers

McDonald's suffered a data breach that compromised the personal information of customers in South Korea and Taiwan and business contact information of some US employees.

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Related Articles

[s2Member-Login login_redirect=”” /]