Cryptominers were the most common malware threat in 2021

An abstract image of digital security.
(Image credit: Shutterstock)

Stealing sensitive company data might make headlines, but many cybercriminals still prefer installing cryptominers on compromised endpoints for quick, easy, and relatively harmless profit, new research has suggested.

A report from Atlas VPN and Trend Micro found cryptominers were the top malware family in 2021, with exactly 150,909 detections over the course of the year.

“Mining” cryptocurrencies such as bitcoin, or ether, requires heavy computational power, an active internet connection, and plenty of electricity. Crooks have learned of ways to install cryptocurrency miners on compromised devices, and have all the proceedings sent to their private wallet address.

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window <<

Targeting businesses

Besides raking up the electricity bill for the victim, a cryptominer will often render the device unusable. 

Threat actors most often targeted information and communication businesses with malware, discovering 561,753 malware files in emails sent to employees in the industry. Retail was second, with 397,072 weaponized emails sent, followed by the construction industry, with 356,952.

At the bottom of this list were the finance and manufacturing industries, receiving “just” 198,408, and 188,373 malware files, respectively.

Despite the relative popularity of cryptominers, they’re far from being the only virus being distributed around. Web shell scripts, which allow attackers to access sensitive content, or set up a ransomware attack, were detected 149,290 times. 

The Ulise malware accounted for 145,321 detections in 2021, followed by WannaCry with 97,585 detections. 

“Malware attacks enable attackers to profit off businesses simply and efficiently. Companies that become victims of cyberattacks often become vulnerable to data theft, hijacking, and other similar cyberattacks in the future,” commented cybersecurity writer at Atlas VPN, Vilius Kardelis.

“By employing good cybersecurity practices and applications, businesses can mitigate malware attack risks.”

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.