Report: Bitcoin Targeted in 22% of Financial Malware Attacks

Security firm Kaspersky Lab has found that bitcoin is the target in more than one fifth of all malware attacks aimed at victims' money.

According to Kaspersky's latest threat report, entitled ' IT Threat Evolution Q2 2014’https://securelist.com/files/2014/08/KL_Q2_IT_Threat_evolution_EN.pdf, bitcoin mining malware accounted for 14% of attacks in the second quarter of 2014, while bitcoin wallet stealers accounted for 8%.

Keyloggers, which can be used to compromise both bitcoin and banking services, also made the list, with 4% of all attacks attributed to various forms of key logging malware.

Traditional banking malware still leads the way with 74%, but considering the size of the bitcoin economy it is clear that bitcoin users and operators face a significant likelihood of being subjected to an attack.

Bitcoin attacks declining

"Fraudsters are also happy to use computing resources to generate crypto currency: bitcoin miners account for 14% of all financial attacks," the report warns. "Criminals also use keyloggers to collect user credentials for online banking and payment systems in another bid to access bank accounts."

Although the figures are disturbing, the relative number of bitcoin-related malware attacks has actually gone down since Kaspersky's last annual report.

In the 2013 report, bitcoin wallet stealers accounted for 20.18% of all financial malware attacks, while mining malware accounted for 8.91%, giving a combined total of 29%.

In the meantime, the number of threats has gone down, but the threat landscape has evolved – as wallet stealers fell out of favour, mining malware took their place as the predominant form of bitcoin-related malware.

The rise and fall of mining malware

Several security firms have issued reports mentioning bitcoin malware in recent months, with the number of attacks rising sharply since early 2013 in parallel with bitcoin's massive peak in popularity.

Malware makers have been experimenting with various forms of bitcoin malware, ranging from programs designed to create elaborate mining botnets, to ransomware like CryptoLocker that uses bitcoin as a form of payment.

Fortunately, it did not take long for security firms and the authorities to catch up. Numerous bitcoin mining botnets have been dismantled since late 2013, including CryptoLocker in June.

Even without law enforcement and security specialists dedicated to combating financial malware, bitcoin mining malware is facing an uphill struggle as it is essentially an obsolete concept, thanks to basic maths and economics, rather than a concerted effort to combat the spread of mining malware.

McAfee's latest report found that bitcoin mining botnets are going mainstream due to the widespread availability of mining malware online, but it also said that they are obsolete and practically futile.

The simple fact is, bitcoin's difficulty level is simply too high to effectively mine bitcoin on non-specialised hardware. So, although mining malware is abundant and cheap to procure, it is being increasingly redundant with each new bitcoin difficulty cycle.

Furthermore, enabling cryptocurrency mining functionality on a botnet can easily alarm the users of infected systems, drastically increasing botnet attrition in the process. In other words, rather than making money, botnet operators who decide to use mining malware run the risk of having their operations discovered and losing potential profits through attrition.

Malware image via Shutterstock