New Cryptocurrency Mining Malware Pose Emerging Cybersecurity Threat: McAfee
Jakarta. New malware designed to exploit software vulnerability similar to last year's WannaCry cyberattack is on the rise, along with an increase in cryptocurrency mining malware, are posing an emerging cybersecurity threat, a new report showed on Tuesday (25/09).
In its latest threat report, cybersecurity firm McAfee found a 151 percent increase in new malware samples designed to exploit software vulnerabilities, like those used in the WannaCry and NotPetya attacks in 2017.
McAfee said the malware had been repurposed and adapted to produce entirely new threats.
"WannaCry and NotPetya provided cybercriminals with compelling examples of how malware could use vulnerability exploits to gain a foothold on systems and then quickly propagate across networks," Christian Beek, lead scientist and senior principal engineer at McAfee Advanced Threat Research, said in a statement.
He added that users and organizations must "do a better job" in patching vulnerabilities with available fixes to minimize the impacts of such threats.
According to the Ministry of Communication and Information Technology, Indonesia was hit with more than 205 million cyberattacks last year, including WannaCry, which disrupted computer systems at some of the country's major hospitals.
The report also found that cryptocurrency mining malware increased by 86 percent in the second quarter this year, with more than 2.5 million new samples. Analysts estimate that $1.5 billion in cryptocurrency had been stolen in the past two years from the $232 billion bitcoin market.
The threat also extends to other devices besides personal computers, including Android mobile devices.
"Today, the tremendous volume of such devices online and their propensity for weak passwords present a very attractive platform for this activity," Beek said.
McAfee also found a new billing-fraud campaign involving at least 15 apps on Google Play, and identified the AsiaHitGroup Gang as the main actor behind it. They made attempts to charge 20,000 victims, mostly from Thailand and Malaysia, for downloads of copies of popular applications.
Tags: Keywords: