Cybersecurity company McAfee Labs has released its August 2019 threat report, which notes an increase in cryptojacking campaigns and ransomware attacks in Q1 2019.
Cryptojacking on the rise
McAfee Labs posted their report on the company’s website on Aug. 28. According to the report, crypto jacking — installing and running a cryptocurrency miner without user permission — has been on the rise, with a 29% increase in crypto jacking campaigns in Q1 2019. Additionally, the company discovered new malware families for both Microsoft Windows and Apple users.
One crypto jacking campaign they discovered was PsMiner — a crypto jacker for mining Monero (XMR) on Windows machines. McAfee Labs reportedly found that PsMiner used a PowerShell command to deploy its payload, which they further found is the crypto jacking norm for targeting Windows computers.
Additionally, the firm discovered a malware family that targets Apple users called CookieMiner. This malware strain is reportedly designed to mine the cryptocurrency Koto, which appears to be zero-knowledge proof crypto from Japan. The cryptojacker also steals user information from user website, which the company has seen steals data from major crypto services such as Binance, Bitstamp, Bittrex, Coinbase, MyEtherWallet and Poloniex, per the report.
Ryuk ransomware
McAfee Labs additionally reported that ransomware attacks increased by 118% in the first quarter of 2019. McAfee Labs notes that one of these ransomware campaigns used the Ryuk malware family. According to the report, Ryuk broke out early on in the first quarter of 2019 and proceeded to halt newspaper printing in the United States. McAfee did not believe that Ryuk is backed by a nation-state, arguing that it appears more similar to a cybercrime operation.