For the past two weeks, we have seen a significant increase in Bitcoin Miner malware among our top D-Zone DNS Firewall blocks. This week, cryptocurrency-related malware is still a significant contributor to the top 10 list, but the total number of queries has dropped off sharply. This indicates that this round of activity is on the wane (for now).
For our weekly web security warning, we thought it would be interesting to explore what each of the categories means for the user. We have a library of over 400 types of malware, so let’s see what hit the top 10.
Bitcoin Miner
Any malware whose primary function is using victim computers' CPUs and electricity to mine Bitcoins. Don’t let your machine be someone else’s profits – if you let this happen, you might as well mine your own cryptocurrencies, because at least that won’t leave a lot of CPU cycles for the baddies.
Mirai
An IoT botnet that is used primarily to launch DDoS attacks. Also includes variants (e.g. Persirai). Remember when the internet broke down in 2016? Yup, that was Mirai, and it remains a persistent threat.
Malware Call Home
Domains used for malware post-infection communications. This one is a pervasive problem for our customers as malware attempts to contact host servers. Those primarily impacted are in the education sector as, we assume, students link their infected machines to the network.