The Japanese company Trend Micro, which develops cybersecurity software, posted a message on its TrendLabs information blog about hackers distributing a bot for hidden mining of Monero.
Trend Micro experts on their TrendLabs blog announced the discovery of a new crypto-currency bot, which was first launched in South Korea and was called Digmine. Subsequently, the bot began to spread to other regions, such as Vietnam, Azerbaijan, Ukraine, the Philippines, Thailand and Venezuela. Considering the distribution method, the Digmine bot (using Monero) can reach more countries in a short time.
Digmine is encoded and distributed under the guise of a video file, which is actually an execution script. If a user's Facebook Messenger account is set to auto-login, then Digmine sends a link to the bot file to the account's friends. Digmine tries to reach as many machines as possible and, as a result, increase criminal income through hidden Monero mining.
Facebook Messenger supports different platforms, but Digmine only affects the version of the Chrome browser. If the file is opened through another web browser (for example, in a mobile application), the malware will not work.
For now, abuse of the Facebook Messenger network is blocked, but Trend Micro advises to monitor the security of your social media accounts and be careful when receiving messages from third parties.
According to blog.trendmicro.com
You May Also Like
Fake Facebook Accounts Are Trying to Steal Your Bitcoin
This month, some Facebook users noticed something strange - in the comments to their posts, Bitmain was advertising some kind of “partnership” that invited the user to make a cryptocurrency transaction. The post looked suspicious, some decided that the company’s page had been hacked.
Facebook users are being subjected to a new type of cybercrime - they are being asked to pay ransom in Bitcoin
The threats begin the moment the victim receives a small file with a personal password from an adult website in his email. Unlike other similar cases, victims claim that these passwords were valid. Cybercriminals claim that in order to obtain passwords, they infected videos on porn sites with a virus.
