Since the beginning of the year, Kaspersky has detected over 1,500 fraudulent resources globally targeting potential digital currency investors or those interested in block reward mining. The schemes have varied, including through the creation of fake exchange websites which require pre-payment before purportedly issuing a bonus. Phishing is also quite common, with attackers targeting the private keys of their victims.
However, according to the Moscow-based firm, Cryptojacking remains the most popular method of attack. Since 2018, over 5 million machines have been infected. And while this threat has decreased since it peaked a few years back, it remains prevalent in Africa, Kaspersky says.
In Kenya, 0.85% of all users were targeted by Cryptojackers, who use their victim’s computer to mine digital currencies without their knowledge or consent. In Nigeria, it was 0.71% while in South Africa it was 0.60%. The three are Africa’s biggest digital currency markets.
Bethwel Opil, the enterprise sales manager for Kaspersky in Africa, remarked, “Although these percentages may be interpreted as low and may not seem significant to users, crypto-miner malware has been identified as one of the top 3 malware families rife in South Africa, Kenya and Nigeria at present, which we believe emphasizes that as cryptocurrency continues to gain momentum, more users will likely be targeted.”
In other countries, the share of those targeted by Cryptojacking is much higher. In Ethiopia, it stands at 3.68% while in Rwanda it’s at 3.22%.
This rise in digital currency-related attacks was expected, Alexey Marchenko remarked. Alexey, who is the head of the content filtering methods development department for Kaspersky believes that criminals have adopted quickly to follow the masses as digital currencies become very popular in the continent.
He remarked, “Lately, many have become interested in cryptocurrencies, and attackers would not pass up the opportunity to use this to their advantage. At the same time, both those who want to invest or mine cryptocurrency and simply the holders of such funds can find themselves on the fraudsters’ radar.”
How to Prevent Cryptojacking
- Install an ad-blocking or anti-cryptomining extension on web browsers.
- Use endpoint protection that is capable of detecting known crypto miners.
- Keep your web filtering tools up to date.
- Maintain browser extensions.
- Use a mobile device management (MDM) solution to better control what’s on users’ devices.