In the world of digital theft, it is apparently a business model pivot.
Last year, cyber criminals have shifted their focus from ransomware attacks to so-called cryptojacking. It is the highlight of a new threat report published by IBM this week: Currently, in the previous money-making scheme, it was down 45% in 2018, while the incidence of the latter increased 450% over the same period of time, per IBM data.  With ransomware, hackers were unlocked sacrificing their data files and recovering access only after being paid ransom, cryptojacking has involved hijacking people's computers to "mine," or running programs that produce cryptocurrency. These mining scams have been captured everywhere from US court system sites, to Google Chrome extensions, to Tesla's cloud computing infrastructure, and beyond.
I talked about the implications of the trend of Charles Henderson, who leads the hacking team that produced the survey, IBM's X-Force Red. ("I like to tell people that X-Force Red is a new shade of IBM blue," Henderson says, with a hint of Texas drawl, of his not yet 3-year-old device.)
Henderson looks at criminal Underground turn against cryptojacking as a little fine tuning in the quest for profit. "This is not the Olympics, there are no style points … there are no sharks with lasers on their heads," Henderson says. Instead of pursuing fancy hacking flourishes, criminals are only interested solely on the simplest path to returns, or returns, he says.
Because encryption is less disruptive to consumers and businesses than extortion, there is a healthier way to generate revenue. "With the ransomware extortion rack, you lose the customer for a transaction, so it's one and done, it's no recurring income. I just mean the bad business," Henderson said. Predictability "The path to some founder is the poor revenue stream," says Henderson, referring to the inconsistency of one-time solutions. The mining model, however, has all the benefits of subscription revenue. "When you have a screen staring at you in the face that says it's not going to return your files unless you pay, that's an emergency," says Henderson. But if you just hear someone complain about slower Internet connection speeds , as may be the case for victims of cryptojacking, it gives fewer alarms.
Ignoring this balloon tr ultimately, the shit is a big mistake; The arrangement can cause significant destruction down the road. "The criminals set themselves up for future expansion of their criminal businesses," Henderson says.
In fact, what constitutes of stealthy cryptocurrency mining today could easily evolve into schemes to crack comforters of hashed, stolen passwords for all kinds of false purposes in the future. Afflicted machines can become a springboard to launch more insidious attacks. And the crypto drivers can even sell the botnets they are to threatening players with far worse intentions.
Crime is a business, and the bad guys are studying, mastering, adapting quickly. "It's like criminals went to the B school," Henderson says.
A version of this article was first listed in the Cyber Saturday, the weekend edition of Fortune's Technical News. Register here.