cxo voice
  • Home
  • Technology
    • AI
    • Cloud
    • Telecom
    • Data Center
    • BPM
    • Blockchain
  • Finance
    • Banking
  • Cyber Security
  • View Points
  • Leaders Talk
  • News
  • Press Release
    • Submit Press Release
No Result
View All Result
  • Home
  • Technology
    • AI
    • Cloud
    • Telecom
    • Data Center
    • BPM
    • Blockchain
  • Finance
    • Banking
  • Cyber Security
  • View Points
  • Leaders Talk
  • News
  • Press Release
    • Submit Press Release
No Result
View All Result
Leaders Talk and Latest Tech News | CXO VOICE
No Result
View All Result
Home News Cyber Security

McAfee Labs Report Sees Cryptocurrency Mining Surge Continue

News Desk by News Desk
September 26, 2018
McAfee Labs Report

INDIA, September 26, 2018 – McAfee, today released its McAfee Labs Report September 2018, examining the growth and trends of new cyber threats in Q2 2018. In the second quarter, McAfee Labs Report saw the surge in cryptomining malware growth that began in Q4 2017 continue through the first half of 2018.

5 Key Findings from McAfee Labs Report Sep 2018

  1. McAfee Labs Report sees cryptocurrency mining malware increase 86% in Q2 2018
  2. Malware designed to exploit patchable vulnerabilities rose 151%
  3. Mobile malware accelerates for second successive quarter with 27%
  4. JavaScript malware increases 204% as PowerShell malware slows
  5. McAfee identifies security issues in Windows Cortana, Google Play and Blockchain

Although less common than ransomware, cryptomining malware has quickly emerged as a factor on the threat landscape. After growing around 400,000 in the fourth quarter of 2017, new cryptomining malware samples grew a stunning 629% to more than 2.9 million samples in Q1 2018. This trend continued in Q2 as total samples grew by 86% with more than 2.5 million new samples. McAfee Labs Report has even identified what appear to be older malware such as ransomware newly retooled with mining capabilities.

In some cases, cryptomining targets specific groups rather than a broad field of potential victims. One cryptomining malware strain has targeted gamers on a Russian forum by posing as a “mod” claiming to enhance popular games. Gamers were tricked into downloading the malicious software, which proceeded to use their computer resources for profit.

While cryptomining malware primarily targets PCs, other devices have become victims. For instance, Android phones in China and Korea have been exploited by the ADB.Miner malware into producing Monero cryptocurrency for its perpetrators.

“A few years ago, we wouldn’t think of internet routers, video-recording devices, and other Internet of Things devices as platforms for cryptomining because their CPU speeds were too insufficient to support such productivity,” said Christiaan Beek, Lead Scientist and Senior Principal Engineer with McAfee Advanced Threat Research. “Today, the tremendous volume of such devices online and their propensity for weak passwords present a very attractive platform for this activity. If I were a cybercriminal who owns a botnet of 100,000 such IoT devices, it would cost me next to nothing financially to produce enough cryptocurrency to create a new, profitable revenue stream.”

Vulnerability Exploit Malware

A year after the outbreaks of the WannaCry and NotPetya attacks, new malware samples specifically designed to exploit software vulnerabilities increased by 151% in Q2. McAfee saw the exploits from these two high-profile threats repurposed within new malware strains, and newly discovered vulnerability exploits similarly adapted to produce entirely new threats.

“WannaCry and NotPetya provided cybercriminals compelling examples of how malware could use vulnerability exploits to gain a foothold on systems and then quickly propagate across networks,” Beek continued. “It’s still surprising to see numerous vulnerabilities from as far back as 2014 used successfully to spearhead attacks, even when there have been patches available for months and years to deflect exploits. This is a discouraging testament to the fact that users and organizations still must do a better job of patching vulnerabilities when fixes become available.”

ADVERTISEMENT

Windows 10 Cortana Vulnerabilities

McAfee Labs and the Advanced Threat Research team discovered a vulnerability in the Cortana voice assistant in Microsoft Windows 10. The flaw, for which Microsoft released a patch in June, could have allowed attackers to execute code from the locked screen of a fully patched Windows 10 machine (RS3 and RS4 before the June patch). McAfee addressed three vectors of research that have been combined by Microsoft and together represent CVE-2018-8140. McAfee submitted the vulnerability to Microsoft in April as part of McAfee’s responsible disclosure policy.

Billing-Fraud Apps on Google Play

The McAfee Mobile Research team found a new billing-fraud campaign of at least 15 apps on Google Play. The new campaign demonstrates that cybercriminals keep finding new ways to steal money from victims using apps on official stores such as Google Play. The actors behind this campaign, the AsiaHitGroup Gang, has been active since at least late 2016 with the distribution of the fake-installer applications Sonvpay. A, which attempted to charge at least 20,000 victims from primarily Thailand and Malaysia for the download of copies of popular applications. One year later, in November 2017, the Sonypay.B campaign was discovered on Google Play. Sonvpay.B used IP address geolocation to confirm the country of the victim and added Russian victims to the billing fraud to increase its potential to steal money from unsuspected users.

Blockchain Security Threats

McAfee Labs Report identified top security threats to users and implementer of blockchain technologies. The researchers’ analysis found that phishing, malware, and implementation vulnerabilities are the primary attack vectors.

Other Q2 2018 Threat Activity

In Q2 2018, McAfee Labs Report detected five new threats a second, including new threats showing notable technical developments that improve upon the latest successful technologies and tactics to outmaneuver their targets’ defenses.

  • Ransomware. The total number of ransomware samples continues to grow, increasing 57% over the past four quarters. Although the appearance of new ransomware families has slowed overall in recent quarters, McAfee also saw established ransomware families spawn new variants. For instance, McAfee saw a dozen new variants of the Scarab ransomware family appear in the Q2 alone. These newcomers account for more than 50% of the total number of known Scarab variants identified since the family’s appearance in mid-2017.
  • Mobile malware. New mobile malware samples increased 27% in Q2; this is the second successive quarter of growth. McAfee customers in South America reported the highest rate of infection, at 14%. Total mobile malware grew 42% in the past four quarters.
  • JavaScript malware. A 204% increase in new samples suggests that hackers appear to have shifted to a new generation of JavaScript malware. After decreasing significantly over the last three quarters, JavaScript malware accounted for more than 7 million new samples, a record high, and up from around 2 million in Q1.
  • LNK malware. While PowerShell has been active among fileless malware developers in recent previous quarters, new samples slowed to 15% growth. But new LNK malware continues to grow, as cybercriminals are increasingly using .lnk shortcuts to surreptitiously deliver malicious PowerShell scripts and other malware. Total samples in the category have increased 489% over the past four quarters.
  • Spam botnets. The Gamut spam botnet outpaced all others in Q2. Most notably, it pushed high volumes of “Canada Revenue Agency” phishing scams. Notable recent campaigns were related to bogus employment offers that are commonly used as a “money mule” recruitment tactic.

To View / Download McAfee Labs Report September 2018: Click Here

News Desk

News Desk

by CXO VOICE team memebrs, [email protected]

Related Posts

LTIMindtree
Business

LTIMindtree Secures $450 Million Multi-Year Deal with Global Agribusiness Leader

May 12, 2025
Amazon to Invest Over $4 Billion to Launch Infrastructure Region in Chile
Press Release

Amazon to Invest Over $4 Billion to Launch Infrastructure Region in Chile

May 9, 2025
Johnson & Johnson Medtech
Press Release

Johnson & Johnson Medtech Partners with Qure.ai to Boost Early Detection of Lung Cancer

May 9, 2025
Ant International and Barclays
Finance

Ant International and Barclays Partner to Revolutionize Global Treasury Management with Advanced AI Technology

May 7, 2025
Microsoft Farmbeats
Technology

Microsoft and National FFA Expand FarmBeats for Students Program to Enhance Agricultural Education Across the U.S.

May 7, 2025
CEOs on AI
AI

CEOs Bet Big on AI: Navigating the Hurdles to Unlock Its Power

May 7, 2025
Asus TUF 500
Technology

Unleash Your Gaming Potential with the ASUS TUF Gaming Compact Desktop

May 6, 2025
IBM Lumen
Business

Revolutionizing AI: Lumen Technologies and IBM Partner to Unlock Scalable AI for Businesses

May 6, 2025
Load More
ADVERTISEMENT

Latest Updates

LTIMindtree

LTIMindtree Secures $450 Million Multi-Year Deal with Global Agribusiness Leader

by News Desk
1 day ago

Amazon to Invest Over $4 Billion to Launch Infrastructure Region in Chile

Amazon to Invest Over $4 Billion to Launch Infrastructure Region in Chile

by News Desk
4 days ago

Johnson & Johnson Medtech

Johnson & Johnson Medtech Partners with Qure.ai to Boost Early Detection of Lung Cancer

by Businesswire Desk
4 days ago

Ant International and Barclays

Ant International and Barclays Partner to Revolutionize Global Treasury Management with Advanced AI Technology

by News Desk
6 days ago

Microsoft Farmbeats

Microsoft and National FFA Expand FarmBeats for Students Program to Enhance Agricultural Education Across the U.S.

by News Desk
6 days ago

CEOs on AI

CEOs Bet Big on AI: Navigating the Hurdles to Unlock Its Power

by Deepa Sharma
6 days ago

Expert Views

Molly Sands AI
AI

AI RIP: 5 Things Knowledge Workers Will Say ‘Sayonara’ to in the Next Decade

March 8, 2025
multi cloud
Cloud

Multi-Cloud Made Simple: Strategies for Smart Business Management

March 5, 2025
Soft Skills
Opinion

Soft Skills and Technical Know-How: A Winning Combination in the Tech Industry

March 4, 2025
Digital Freedom
Cyber Security

Your Data, Their Gold: The Silent Battle for Digital Freedom

February 25, 2025
LLM in India
AI

Why A Homegrown LLM Is the Next Big Leap for India

February 22, 2025

Get Latest Update

Subscribe to our mailing list to receives newsletter direct to your inbox!

ADVERTISEMENT

Leaders Interviews

Steve Wilson, GenAI Cybersecurity LLMs
Cyber Security

How effective is GenAI in cybersecurity? The role of LLMs and AI in security solutions. [Interview with Steve Wilson]

-
Interview on Counterfeit products with Nikhil Narayan
Leaders Talk

Advancements in ML & AI made it possible to detect counterfeit products in real-time, says Nikhil Narayan

-
Newgenone bridges the gap between business users and IT teams with its low code capability: Varun Goswami
Leaders Talk

Newgenone bridges the gap between business users and IT teams with its low code capability: Varun Goswami

-
AI chatbots, Prasanna-Kumar
Leaders Talk

Can AI chatbots enhance customer experience and reduce the cost of serving customers?

-

Entrepreneur

Samsung Electronics appoints its first female president

Inspiring Women Entrepreneurs in India (2022)

Technology Adoption For Entrepreneurs

Volunteering management is the need of the Hour

CXOVoice.com is a leading online publication for CXOs, entrepreneurs, senior leaders, developers, and industry professionals. Our coverage spans key sectors, including IT, technology, banking, finance, cybersecurity, engineering, and automobiles.

Connect with us

Easy Links

  • Cryptocurrency
  • Event
  • Blockchain
  • Press Release
  • Resources & Downloads

Write Us

[email protected]
  • Home
  • About Us
  • Contact Us
  • Advertise
  • Privacy & Policy
  • Feedback

Copyright © 2025 CXOVoice - All Right Reserved

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Our Spring Sale Has Started

You can see how this popup was set up in our step-by-step guide: https://wppopupmaker.com/guides/auto-opening-announcement-popups/

No Result
View All Result
  • Home
  • Technology
    • AI
    • Cloud
    • Telecom
    • Data Center
    • BPM
    • Blockchain
  • Finance
    • Banking
  • Cyber Security
  • View Points
  • Leaders Talk
  • News
  • Press Release
    • Submit Press Release

Copyright © 2025 CXOVoice - All Right Reserved