JAKARTA – The decline in profits made from ransomware and cryptojacking attacks, global hackers are now turning to new attack models, namely formjacking which aims to steal ATM card data and credit cards from digital service users.
According to the official Symantec report titled Internet Security Threat Report Volume 24 released in February 2019, the benefits of ransomware and cryptojacking attacks fell throughout 2018.
Director, System Engineering, Asean, Symantec Halim Santoso explained that cryptojacking activity fell 52% in 2018. In fact, the value of profit from cryptojacking dropped by 90%.
“Symantec has also blocked 3.5 million cryptojacking attacks at the end point in December 2018,” Halim Santoso said at a press conference held in Jakarta on Wednesday (6/3).
However, cryptojacking still has an attraction for attackers mainly because it is supported by several factors such as low entry barriers, minimal overhead, and anonymity.
Meanwhile, ransomware attacks also dropped during 2018. For the first time, ransomware infections dropped by 20%. The increasing adoption of cloud computing services is said to be a factor that causes ransomware attacks to be less effective.
Furthermore, Halim said the increasing percentage of ransomware and cryptominers attacks from 2017 to 2018 actually proved that the two schemes of attacks were increasingly unprofitable for hackers.
In the report, it was mentioned that globally ransomware attacks increased by 2.6%, up 1.6% from 2017. Meanwhile, the cryptominers attack in 2018 was 2%, more than in 2017, which was 0.6% .
Facing such a position, the hackers finally changed their crime scheme through methods such as formjacking. The formjacking attack is very simple. Basically, attackers use virtual ATM skimming by injecting malicious codes into a company’s website to steal payment card data belonging to consumers.
As of 2018, more than 4,800 websites have been infected by formjacking code every month. Halim added, Symantec managed to block more than 3.7 million formack attacks on end-points in 2018.