New Form of Non-Detectable Cryptojacking Malware Found by Kaspersky

Kaspersky Lab has disclosed findings on a new form of cryptojacking: malware that is heading for corporations.

In its latest findings, Kaspersky explained how the malware works. PowerGhost, as the researchers dubbed it, uses a system's native processes to hijack the computer. It is a potent piece of malware that can establish itself on a system and affect all the workstations and servers linked to a corporate network. The longer attackers stay on a network and the more machines the malware traps, the greater their gains and profits.

This type of fileless malware is the new and trending weapon of hackers. The technique is so advanced that it is not even detected by antivirus software. The software now used for hacking is encouraging and accelerating growth in the number of hackers. According to Kaspersky, hackers now understand the potential of blockchain very well. This has led them to explore more techniques and more advanced software, rather than ransomware Trojans, to quietly achieve their aims. Kaspersky states:

It appears the growing popularity and rates of cryptocurrencies have convinced the bad guys of the need to invest in new mining techniques – as our data demonstrates, miners are gradually replacing ransomware Trojans.

David Emm, a principal researcher at the lab, suggested that hackers now aim to grow as large as possible in the shortest possible time, which has pushed them to look at enterprises rather than individual customers. He also shared his concerns, calling cryptojacking very harmful for businesses. He said:

PowerGhost raises new concerns about crypto-mining software. The miner we examined indicates that targeting consumers is not enough for cybercriminals anymore – threat actors are now turning their attention to enterprises too. Crypto-currency mining is set to become a huge threat to the business community.

Kaspersky Lab's findings indicate that the malware attacks are highly concentrated in Brazil, Colombia, Turkey and India. Traces of affected files were also detected at many European and North American companies.

A report by Skybox Security suggests that cryptojacking, or illicit cryptocurrency mining, has gained popularity. Skybox found that hackers' past preferences among techniques are the complete opposite of today's trends. In 2017, ransomware attacks made up 32% of all attacks while cryptojacking represented 7% of the total, but in 2018 crypto miners account for 32% of all cyberattacks, while ransomware makes up only 8%. According to the report, the change in trend is primarily due to the advantages cryptojacking offers. The company said:

Cryptocurrency miners may be the new kid on the block, but they’re taking over. With high-profit opportunity and a low chance of being discovered or stopped, this malware tool provides a money-making safe haven for cybercriminals.

Malwarebytes Labs published a report analyzing cryptojacking detection activity. Although cryptojacking detections decreased in Q2 2018, the report links such activity to the performance of cryptocurrencies. It suggests that this activity is directly related to the market value of cryptocurrencies, rising when prices rise and falling when they fall. The report noted:

Cryptomining detections are slowly declining; however, as one of the top two detections for both businesses and consumers, they still dominate the threat landscape… The trend in detections closely mirrors the ebb and flow of cryptocurrency market prices, including Bitcoin, Ethereum, and Monero.

Common cryptojacking methods include embedding mining scripts in torrent sites such as The Pirate Bay and hiding them in apps available on the Google Play store or the Mac App Store. If a mining script is running in the background of a device's operating system, the most noticeable hints are rapid battery drain, the device's RAM and ROM holding much more data than before, and the device becoming very slow.

Cautionary measures, such as the removal of apps from the Google Play store and the Mac App Store and software from Malwarebytes, are helping to minimize cryptojacking. But the potential for harm in cryptojacking is such a massive threat to blockchain that eradicating it completely will require much more to ensure security in the blockchain world.

Fatir Malik

Electrical engineer by profession, turned blockchain developer. Fatir regularly contributes his insights on the latest developments in the fintech sector. Contact the editor at
