Ransomware is becoming passé among hackers as cryptomining hacks surged to become the most popular form of malware detected in the first quarter, according to a new report out today from the Comodo Cybersecurity Threat Research Labs.

The “Global Malware Report Q1 2018” report delved into 300 million malware incidents tracked by the security firm. It detected 28.9 million cryptominer incidents for a nearly 10 percent share, with the number of unique cryptominer variants growing from 93,750 in January to 127,000 in March. While cryptomining malware grew, ransomware activity fell 42 percent, from 124,320 unique variants in January to 71,540 in March.

Leading the pack among cryptomining attacks was subverted code from otherwise “legitimate” companies such as Coinhive and Crypto-Loot that give website owners a way to make money through cryptomining. The reports said hackers steal the code used by the services for malicious purposes, illegitimately embedding the code onto hacked websites.

“Malware, like cyberspace itself, is merely a reflection of traditional, ‘real-world’ human affairs, and malware is always written for a purpose, whether it’s crime, espionage, terrorism or war,” Dr. Kenneth Geers, chief research scientist at Comodo Cybersecurity, said in a statement. “Criminals’ proclivities to steal money more efficiently were evident with the surge in cryptomining.”

Other highlights from the report include a finding that password stealers are becoming more sophisticated, with new capabilities both to steal data and to cover their tracks. There was also an upswing in geopolitical malware detections that correlate with current world events relating to countries such as Russia, China Egypt, India, Iran, Israel, Turkey and Ukraine.

Although ransomware may be becoming passé, the report did note that it may yet stage a comeback. “Ransomware attacks led the malware market in previous quarters, but showed a radical decrease in the number of overall detections likely due to the shift to the low-hanging fruit of cryptominers,” it noted, before adding that ransomware’s overall share of incidents dropped from 42 percent in August 2017 to just 9 percent in February 2018. “Comodo Cybersecurity Labs caution [organizations] to prepare for new ransomware attacks in a changed guise, perhaps morphing into a weapon of data destruction — as seen with NotPetya — rather than a tool to extort a ransom.”

Picture: Pixabay