Cryptocurrency-mining malware writers are dialing back their use of your compute cycles in order to avoid detection. This is according to Johannes Ullrich, head of research at SANS, who today pointed out that malicious mining apps are scaling down activity and employing built-in encryption to make them harder for antivirus …
"I really wish that attackers would actually come up with a new scheme to make money so life will be more interesting," he mused.
One should be careful what they wish for. There's an old curse along the line of: "May you live in interesting times.". That being said, there is nothing better than a good challenge which Johannes is wanting.
Think this through.... The whole software industry is moving to an 'as a service' model so that they will have a regular revenue stream. No more peaks & valleys whenever MSFT releases a new OS, for example.
The bad guys are often jaded and dissolutioned good guys who were RIF'd or in some other way affected by a company's business decisions. Now they have skills and are unemployed. Well the problem with ransomware is they have to announce the 'game is up' in order to get paid. With crypto-mining, if they are smart they will not spike the CPU and expose themselves. Thus they get a nice steady revenue stream - just like what the rest of the industry is doing.