Browser-based cryptojacking is back as attacks spike 163%

The crypto price surge since March has been accompanied by a wave of cryptojacking attacks according to new research published by cybersecurity firm Symantec.

According to the company there was a 163% increase in browser-based cryptojacking activity in the second quarter of 2020. Cryptojacking had previously been in a steep decline from March 2019 due to the shutdown of the mining script maker, CoinHive.

Symantec points out the increase in the last quarter coincided with a surge in the value of Bitcoin (BTC) and Monero (XMR), two cryptocurrencies often mined by the threat actors that rely on browser-based cryptojacking malware.

Cryptojacking saw a high activity period from September 2017 to March 2019, becoming one of the most prevalent forms of cyber-attacks at that time. But in 2019, the CoinHive project reportedly became economically inviable. Per the announcement, the mining service stopped its operations on March 8, 2019. Among the reasons behind the closure, the developers noted a 50 percent drop in hash rate following the last Monero hard fork.

During an interview with Cointelegraph on August 01, Josh Lemos, VP of research and intelligence at BlackBerry, said that crypto miners don’t need to be sophisticated and can be delivered in various ways:

“From JavaScript running on a website as a watering hole attack or embedded in a spear-phishing email to supply chain attacks with miners embedded in docker hub images and malicious browser extensions.”

However in a recent report ZDNet suggested that the current increase in attacks was unlikely to be sustained.

“Most cybercrime groups who experimented with cryptojacking operations in the past usually dropped it weeks later, as they also discovered that browser-based cryptocurrency-mining was both a waste of their time and too noisy, drawing more attention to their respective operations than profits.”