Report: Container Software Vulnerabilities On the Rise, Mining Malware Is Fading Away

Published at: July 24, 2019

Cryptocurrency ransomware, botnets and backdoors seem to have replaced cryptocurrency mining malware as the tool of choice for cybercriminals, according to a recent report from computer security firm Skybox Security.

In its report dubbed “2019 Vulnerability and Threat Trends: Mid-Year Update,” Skybox reviews software vulnerabilities and newly developed exploits, as well as malware and attacks, among other related issues.

Cloud services vulnerabilities are on the rise

When it comes to digital currencies, the report notes that in 2018, cryptocurrency mining malware was the most popular tool for cybercriminals. However, following the decline in cryptocurrency values, attackers reportedly turned to ransomware, botnets and backdoors. The latter tools increased by 10%, 8% and 18% respectively, between the first half of 2018 and the same period this year.

Skybox further points out the growth of vulnerabilities in various cloud services, especially container software. The report states:

“Vulnerabilities in container software have increased by 46% in the first half of 2019 compared to the same period in 2018. Looking at the two year trend of container vulnerabilities published in first halves, container vulnerabilities have increased by 240%.”

Containers, as explained by Google, “offer a logical packaging mechanism in which applications can be abstracted from the environment in which they actually run. [...] Containers allow you to package your application together with libraries and other dependencies, providing isolated environments for running your software services.”

The findings conclude that mobile applications were exploited more than any other category in the first half of 2019, with roughly 150 exploits or proof-of-concepts.

One positive development, Skybox notes, is that only a tenth of over 7,000 vulnerabilities published by mid-2019 were exploited in the wild. 

As a dedicated analysis by Cointelegraph published showed in June, throughout the past six months, seven crypto exchanges had reportedly seen large-scale hacking attacks to the tune of tens of millions of dollars.

Tags
Related Posts
South Korea: Four ‘Young’ Hackers Booked in Cryptojacking Case Targeting Over 6,000 PCs
Four “young” hackers have been arrested in a cryptojacking case involving over 6,000 computers in what is allegedly South Korea’s “first” known case of its kind, Korean English-language news outlet Aju Daily reports Nov. 8. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. Aju Daily cites a statement from the National Police Agency's cyber bureau that clarified that the four accused had not been detained, but would face a trial for allegedly infecting 6,038 PCs with malicious mining malware, which had been concealed in job application documents sent …
Cryptocurrencies / Nov. 8, 2018
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020
Researchers Discover New Cryptocurrency-Focused Trojan
Computer analysts at cybersecurity firm Zscaler ThreatLabZ have found a new type of trojan that targets cryptocurrency users. In a blog post published on Aug. 8, the company reveals that it identified a new remote-access trojan (RAT) that is able to capture administrative control of the targeted computer, retrieve browser history and look for activities involving cryptocurrency, credit cards, business, social media and others. The malware is called Saefko and is written in .NET, a software framework developed by Microsoft and used to develop a wide range of applications. The post further explains: “RATs are usually downloaded as a result …
Cryptocurrencies / Aug. 9, 2019
Research Reveals $1.7 Billion Obtained via Crypto Thefts and Scams in 2018
About $1.7 billion in cryptocurrency had been obtained via illicit means in 2018, according to research published by crypto analytics company CipherTrace on Jan. 29. Of that $1.7 billion, over $950 million was stolen from crypto exchanges, representing a 3.6 times increase over 2017. On the other hand, at least $725 million was lost in 2018 to scams such as ponzi schemes, exit schemes and fraudulent initial coin offerings (ICOs). CipherTrace also listed what the company believes to be the top ten cryptocurrency threats: the highest is SIM swapping, which is a kind of identity theft involving taking control over …
Cryptocurrencies / Jan. 30, 2019
Crypto Price Tracking App CoinTicker Installs Backdoors to Control Host Computer: Report
Cybersecurity publications were sounding the alarm over cryptocurrency malware again Monday, Oct. 29 after a Malwarebytes forum user reported a price monitoring app for macOS was a trojan. Confirmed in a blog post by the cybersecurity software developer, community member 1vladimir reported suspicious behavior by an app called CoinTicker over the weekend. The app purports to let users track cryptocurrency prices from within the Mac toolbar, which update automatically. “Although this functionality seems to be legitimate, the app is actually up to no good in the background, unbeknownst to the user,” Malwarebytes’ blog post explains, adding: “Without any signs of …
Cryptocurrencies / Oct. 30, 2018