Cryptocurrency News

Kaspersky Reports More Than 230% Growth in New Malicious Crypto Mining Programs

Kaspersky Reports More Than 230% Growth in New Malicious Crypto Mining Programs

In Q3 2022, Kaspersky observed a sharp, 230% increase in crypto miner variants, compared to the same period last year. The number of new variants exceeded 150,000. Remaining hidden for months, cybercriminals use the processing power of the victim’s computer to mine cryptocurrency, with incomes reaching up to $40,500 (2 BTC) per month. Monero (XMR) is the most popular cryptocurrency for malicious mining.

The “crypto winter of 2022,” saw the value of cryptocurrencies drop significantly, and the industry is facing a liquidity crisis. Despite that, criminal activity targeting cryptocurrency does not seem to be slowing down, according to Kaspersky’s new research report “The state of cryptojacking in 2022.”

Latest Fintech News: BankiFi and MX Partner to Enable Data Sharing and Account Connectivity for Financial Institutions Serving SMB Customers

Cryptocurrency mining is a painstaking and costly process, but can be a very rewarding one for cybercriminals. They don’t have to pay for equipment, or for electricity, which is expensive in 2022. They install mining software on the victim’s computer to use its processing power without the user’s consent. It does not require much technical expertise. In fact, all the attacker needs to know is how to create a miner using open-source code, or where to buy one. If the crypto mining malware is installed successfully on the victim’s computer, it provides its operator with steady earnings.

2022 has seen a sharp increase in the number of new modifications to malicious mining programs. During the first three quarters of 2022, expert analysis identified 215,843 new miners, more than twice as many as the same period last year.


Q1 2021 23,894
Q2 2021 31,443
Q3 2021 46,097
Q1 2022 21,282
Q2 2022 40,788
Q3 2022 153,773

The number of new miner modifications, Q1 – Q3, 2021 and 2022

Notably, this increase is primarily due to a sharp jump in the 3rd quarter of 2022, with the number of new malicious miners exceeding 150,000.

Many of the analyzed samples of malicious mining software (48%) secretly mine Monero (XMR) currency via the victim’s computer. This currency is known for its advanced technologies that anonymize transaction data to achieve maximum privacy. Those monitoring it cannot decipher addresses trading Monero, transaction amounts, balances, or transaction histories. All of these factors are extremely appealing to cybercriminals.

Latest Fintech News: TEM Now Available to Buy and Trade On Probit

When it came to the world’s most widely used cryptocurrency, Bitcoin wallets that were used in illicit mining accumulated around $1,500, on average, in Bitcoin every month. In one case, the researchers recorded an incoming transaction of 2 BTC, which is more than $40,500, in a single analyzed wallet.

Most frequently, attackers distribute miners through malicious files masquerading as pirated content, such as films, music, games and software. Unpatched vulnerabilities also present a way for cybercriminals to spread miners. Kaspersky telemetry shows that nearly every 6th vulnerability-exploiting attack in Q3 was accompanied by a miner infection. In Q3, miners became even more widespread than backdoors, which were the prime choice of cybercriminals throughout the first half of 2022.


Q1 2022 % Q2 2022 % Q3 2022 %
backdoor 28.86% backdoor 27.4% ransom 21.2%
ransom 17.01% ransom 17.1% miner  16.5% 
miner  12.20%  miner  13.8%  backdoor 15.6%
downloader 3.00% downloader 1.8% downloader 2.7%

The share of miners among the malware that attackers tried to launch as a result of exploiting vulnerabilities 

“Although these are not the best days for the cryptocurrency industry, the topic of cryptocurrency has been in the spotlight throughout the year, so it’s not surprising that malicious actors would want to profit from these trends,” said Andrey Ivanov, security expert at Kaspersky. “The silver lining is that while the number of threats is rising, there are no dramatic changes in the number of users that encounter miners. That is why it is extremely important to raise awareness about the first signs that malware is being downloaded onto your computer. It is also necessary to install a reliable security solution that will prevent attacks at an early stage.”

To stay protected from crypto miners, Kaspersky experts also recommend:

  • Do not visit websites allowing you to watch a movie until you are sure that they are legitimate and start with ‘https’. Confirm that the website is genuine by double-checking the format of the URL or the spelling of the company name, reading reviews about it and checking the domain’s registration data before starting downloads.
  • Security solutions will protect your computer and other devices from unauthorized usage of your PC computing power to generate cryptocurrency and prevent deterioration of PC performance.
  • Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.
  • Use a dedicated security solution such as Kaspersky Endpoint Security for Business with application and web control to minimize the chance for cryptominers to be launched; behavior analysis helps quickly detect malicious activity, while vulnerability and patch management protects from cryptominers that exploit vulnerabilities.

Latest Fintech News: Prepay Nation Partners With Neofie to Offer Customers Prepaid Products

[To share your insights with us, please write to]

Related posts

Three Acquisitions By Gryphon Investors, Including the ServiceNow Division of Highmetric, Will Form the Leading Worldwide ServiceNow-Focused Services Provider

Fintech News Desk

One Equity Partners To Acquire Trustmarque, A Leading UK IT Solutions Provider

Fintech News Desk

Radware Expands Relationship with One of Africa’s Leading Banking Groups and Top 10 Most Valuable Banking Brands

Fintech News Desk