DDoS attacks are widely used as a smokescreen to infiltrate into a company’s network and trigger a malware or ransomware attack. They are also used for corporate sabotage
NEW DELHI: The recent surge in cryptocurrency prices, particularly those of Bitcoin, has made cryptojacking the top priority for cybercriminals, resulting in a dip in Distributed Denial of Service (DDoS) attacks. The number of DDoS attacks detected by Kaspersky in December quarter fell 31% sequentially, the cybersecurity firm said.
Security researchers at Kaspersky have attributed the drop in DDoS to growing interest in cryptocurrency mining, as hackers look to take advantage of the sudden rise in cryptocurrency prices.
Cybercriminals are believed to be re-profiling some botnets so that the Control and Command (C&C) servers could re-purpose infected devices and use their computing power to mine cryptocurrencies, instead of using them for DDoS attacks. Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrencies.
This shift was corroborated by Kaspersky Security Network (KSN), a distributed infrastructure that works with various anti-malware protection components. KSN’s data shows that during 2019 as well as in the first half of 2020, number of cryptominers detected had dropped. However, after August last year, these numbers had begun rising and plateaued in the December quarter.
“The DDoS attack market is currently affected by two opposite trends. On the one hand, people still highly rely on stable work of online resources, which can make DDoS attacks a common choice for malefactors," Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team said in a statement.
Kiselev, however, said that due to the jump in prices of cryptocurrencies, it may be more profitable for them to infect some devices with miners. As a result, the total number of DDoS attacks in Q4 remained quite stable. Kiselev believes this trend will continue in 2021.
In DDoS attacks, cybercriminals target websites and apps by overloading them with more traffic than what their web server or network can handle. This disrupts their services temporarily and makes them inaccessible. DDoS attacks are considered highly lucrative by cybercriminals as the profit margin is quite high. They are widely used as a smokescreen to infiltrate into a company’s network and trigger a malware or ransomware attack. They are also used for corporate sabotage.