Cryptocurrency miners have increased their use of mining tools that utilize coin central processing unit (CPU) mining tools, and to a lesser extent graphic processing units (GPU), and are specifically targeting enterprise networks.
IBM's X-Force team noted a six-fold increase in attacks using these embedded mining tools between January and August of 2017, which coincides with a Kaspersky Lab's report that indicates the number of end points infected with this malware has risen of late. IBM analysts found the mining tools were generally hidden in fake image files and hosted on compromised web servers running Joomla, WordPress or JBoss application servers.
The Monero cryptocurrency has been the main mining target and IBM found a computer dedicated only to mining will generate about $2.35 per month for the miner.
The most commonly attacked industries are manufacturing and financial services, followed by arts and entertainment, IT and retail.
“The reason why certain industries were targeted over others is not easily explained. Attackers are likely targeting industries with the most vulnerable targets versus those that offer some type of advantage in terms of mining virtual currency,” IBM reported.
The use of GPUs has also increased as these are even better at handling math.