Cryptocurrency mining malware has infected over 1.65 million computers this year
Russian security firm, Kaspersky Labs, has been monitoring data on cryptocurrency mining trojans for seven years now. There has been a rapid increase in the number of infected computers over that time, and the total for 2017-to-date has already passed 1.65 million infected devices. This figure isn't far from surpassing the 2015 numbers and indicates that there will likely be more infections this year than in 2016, despite virus scanners attempting to find and remove these trojans.
While trojans are often used to try and sneak keyloggers onto systems to capture banking details or credit card information, a more consistent target for some hacking groups is to make their infected network of computers mine cryptocurrency (process transactions) for them.
Often they target currencies that allow anonymous transactions, such as Zcash and Monero, since some other major cryptocurrencies are only semi-anonymous. In the case of Bitcoin, all transactions are stored publicly, and anyone can monitor the balance and movements of any known Bitcoin address — which is how authorities tracked the transactions of the WannaCry hackers. The identity of the address owner is only anonymous until they perform an action that reveals their details, such as making a purchase.
The number of cryptocurrency trojan infections is likely to keep rising for the next few years due to two factors. First is that as the currencies themselves get more popular, they will become easier and more attractive methods of laundering money. Second is that this branch of trojan has a broad install base; in 2017 there have been significant cases of injections on all three of the largest operating systems — Windows, MacOS, and Linux.