Cryptojacking attacks: One in three organisations say they've been hit with mining malware

Cryptocurrency-generating malware has been on a rampage this year - but some organisations still haven't done much to defend against it.
Written by Danny Palmer, Senior Writer

Almost a third of organisations say they've been hit by cryptojacking attacks in the last month, as cyber criminals continue their attempts to push malware designed to secretly use processing power to generate cryptocurrency.

Cryptojacking attacks have become increasingly popular with attackers because users often won't know they've been infected as the malware simply steals processing power to mine for cryptocurrency. All the average user might notice is that their computer is running a bit slower than usual or the fans is working harder.

The advantage for attackers is that they can have malware undetected on infected systems for a long period of time, potentially allowing them to generate significant illicit income.

That's why the attacks are becoming so prolific, with new research published by Citrix suggesting that three in ten UK businesses have fallen victim to cryptojacking attacks in the last month alone.

According to the survey, 59 percent of organisations have detected cryptomining malware on their systems at some point, with 80 percent of these detections occurring in the last six months which is when the cryptojacking boom really began to pick up momentum.

See also: Cryptocurrency-mining malware: Why it is such a menace and where it's going next

Just over half -- 60 percent -- of organisations who detected cryptojacking attacks say under 50 devices were affected. Just one in ten said over 100 machines were found to contain traces of the malware.

The stealthy nature of cryptojacking attacks is apparent when it comes to how the malware has been discovered on infected systems -- just 16 percent of organisations were alerted to the incidents after a noticeable spike in slower device performance.

Meanwhile, network monitoring uncovered the malware in just over a third of cases, while a third of cases were reported by employees.

Despite the rise in cryptomining attacks, the survey found that one in five businesses don't have contingency measures in place, should an attack occur.

However, two thirds of businesses do say they have policies in place, relying on the likes of network monitoring, anti-malware software and blocking mining websites in order to counter attacks.

Cryptojacking schemes remains popular with cyber criminals, to such an extent mining malware has surpassed ransomware when it comes to turning a profit.


Editorial standards