Malware Crypto
Cryptomining malware, or cryptocurrency mining malware or simply cryptojacking, is a relatively new term that refers ...
Cyber criminals have increasingly turned to cryptomining malware as a way to harness the processing power of large numbers of computers, smartphones and other electronic devices to help them generate revenue from cryptocurrency mining. A single cryptocurrency mining botnet can net cyber criminals more than $30,000 per month, according to a recent report from cybersecurity company Kaspersky Lab.
List of cryptomining malware to avoid:
1. THE CRYPTOSHUFFLER:
This trojan has been around since 2016, according to Kaspersky. It infects computers and then sits almost invisibly in the background until the right time. The right time is when the user copies and pastes a string of characters and digits that looks like a cryptocurrency wallet address. When that happens, it simply replaces that address with the Cryptoshuffler's own wallet address. Unless the user spots the difference in the address, he or she will end up sending coins to the Cryptoshuffler wallet rather than the intended one.
At the time of writing at the beginning of November 2017, about 23 bitcoin (over $180,000) in total has reportedly been sent to the Cryptoshuffler wallet address.
2. Dubbed Dofoil, aka Smoke Loader malware:
It is a rapidly spreading Windows PC cryptocurrency-mining malware that infected almost 500,000 computers within just 12 hours and was successfully blocked to a large extent. Dubbed Dofoil, aka Smoke Loader, this malware was found dropping a cryptocurrency miner program as a payload on infected Windows computers; the miner mines Electroneum coins, yet another cryptocurrency, for the attackers using victims' CPUs.
On March 6, 2018, Windows Defender suddenly detected more than 80,000 instances of several variants of Dofoil, which raised the alarm at the Microsoft Windows Defender research department, and within the next 12 hours over 400,000 instances were recorded.
The research team found that all these instances, rapidly spreading across Russia, Turkey, and Ukraine, were carrying a digital coin-mining payload that masqueraded as a legitimate Windows binary to evade detection.
Dofoil uses a customized mining application that can mine different cryptocurrencies, but in this campaign, the malware was programmed to mine Electroneum coins only.
3. Coinhive crypto-jacking malware scripts:
The cryptocurrency mining malware epidemic is getting out of hand: nearly 50,000 sites have been surreptitiously infected with crypto-jacking scripts, according to security researcher Troy Mursch from Bad Packets Report. The researcher notes that Coinhive continues to be the most widespread crypto-jacking script out there, accounting for close to 40,000 infected websites – a stunning 81 percent of all recorded cases.
It is worth pointing out that Mursch was able to find at least 30,000 websites running Coinhive back in November last year.
For the rest, Bad Packets Report indicates the remaining 19 percent are spread between various Coinhive alternatives, like Crypto-Loot, CoinImp, Minr and deepMiner. His research suggests there are 2,057 sites infected by Crypto-Loot, 4,119 by CoinImp, 692 sites by Minr, and 2,160 by deepMiner.
Back in February, security researchers discovered that a slew of legitimate websites – including government and public service agency portals – were quietly running crypto-jacking scripts.
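A site owner can audit their own pages for the script families named above by collecting every script reference and inline script body and matching the family names against them. This is an added example, not code from the article or from Bad Packets Report; it matches on the family names only, and the sample page, the `example.test` host and the names `scan_html` and `ScriptCollector` are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Script families named in the article, matched as keywords rather than exact URLs.
FAMILIES = ["Coinhive", "Crypto-Loot", "CoinImp", "Minr", "deepMiner"]

def _pattern(name):
    # Allow "crypto-loot", "crypto_loot" and "cryptoloot"; require non-alphanumeric
    # neighbours so short names such as "Minr" do not match inside "adminRole".
    core = "[-_]?".join(re.escape(part) for part in name.split("-"))
    return re.compile(r"(?<![a-z0-9])" + core + r"(?![a-z0-9])", re.IGNORECASE)

PATTERNS = {name: _pattern(name) for name in FAMILIES}

class ScriptCollector(HTMLParser):
    """Collects every <script src=...> value and every inline script body."""
    def __init__(self):
        super().__init__()
        self.sources, self.inline, self._in_script = [], [], False
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)
    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False
    def handle_data(self, data):
        if self._in_script and data.strip():
            self.inline.append(data)

def scan_html(html):
    """Return (family, location) pairs; location is "src" or "inline"."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for location, items in (("src", collector.sources), ("inline", collector.inline)):
        for item in items:
            findings += [(n, location) for n, p in PATTERNS.items() if p.search(item)]
    return findings

# Constructed sample page (example.test host and variable names are made up).
SAMPLE = """<html><head>
<script src="https://cdn.example.test/lib/coinhive.min.js"></script>
<script>var adminRole = "editor";</script>
<script>var cfg = {lib: "crypto-loot", throttle: 0.5};</script>
</head><body>Hello</body></html>"""
```

Keyword matching of this kind only flags scripts that still carry a recognisable family name, so a hit is a reason to review the page and an empty result is not proof that the page is clean.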