Content, Content

McAfee Labs Threat Report: Cryptomining Malware Up 4,467% in Past Year

Cybercriminals are increasingly using malware to mine cryptocurrency, according to the "McAfee Labs Threat Report: December 2018."

McAfee Labs reported a year-over-year increase in several types of malware attacks, including:

  • Cryptomining: Cryptomining malware increased 4,467 percent.
  • Internet of Things (IoT): IoT malware attacks increased 203 percent.
  • Macro: New macro malware increased 24 percent.
  • Ransomware-as-a-Service (RaaS): The use of RaaS families like Gandcrab increased 45 percent.

In addition, McAfee Labs recorded a quarterly increase in the following types of malware attacks during the time frame:

  • Cryptomining: New cryptomining malware increased nearly 55 percent.
  • Fileless: New JavaScript malware increased 45 percent, and new PowerShell malware increased 24 percent.
  • IoT: New malware targeting IoT devices increased 72 percent.

McAfee Labs identified more than 60 million new malware samples in the third quarter of 2018, the report indicated. It also recorded more than 800 million total malware samples during the time frame.

How Can Organizations Combat Malware Attacks?

A proactive approach to cybersecurity can help an organization identify and address malware attacks and other cyber threats before they escalate. Endpoint detection and response (EDR) provider Digital Guardian offers several tips to help organizations prevent malware attacks, including:

  • Install regular security patches. Use security patches to keep software and applications up to date. Furthermore, leverage automatic software updates whenever possible.
  • Set up a strong, unique password. Encourage employees to establish a distinct password for each of their accounts.
  • Use a firewall. Implement a firewall and ensure it is configured properly and operational at all times.
  • Deploy antivirus and antimalware software. Use antivirus and antimalware software for protection against viruses, malware and other common cyber risks.
  • Manage application and software privileges. Utilize account controls to receive notifications any time applications or software try to make system changes.

MSSPs can help organizations develop cybersecurity strategies to address malware and other types of cyberattacks, too. They also can provide malware prevention and other managed security services to ensure that organizations can take a proactive approach to cyberattacks both now and in the future.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.