McAfee discovered Russian malware

Researchers at cybersecurity company McAfee Labs have discovered new malware called "WebCobra" that uses computers' processing power to secretly mine the cryptocurrencies Monero and Zcash.

WebCobra installs Cryptonight or Claymore miners, depending on the configuration of the victims' computers. On x86 systems, it injects the Cryptonight miner code into the running process and starts monitoring the progress of the process. On x64 systems, it checks the GPU configuration and downloads the Claymore miner from a remote server.

Even though the malware was developed in Russia, researchers claim to have found it worldwide, with the largest number of infected computers seen in Brazil, South Africa and the United States.

However, a lot of stealth mining malware remains undetected because of its higher complexity. Most users - and even detectors - are unaware of an intrusion until their computer begins to perform poorly or crashes completely. By then you may have a huge electricity bill. McAfee therefore recommends that users scan their computers: if a machine starts to run slowly, it may be infected with one of these miners.

According to the Cyber Threat Alliance (CTA), cryptojacking increased by 459% in 2018. The unexpected spike was attributed to EternalBlue, a software vulnerability in the Microsoft Windows operating system.

Experts say Microsoft and the National Security Agency are responsible for the leak, which occurred in April 2017 when the criminal group Shadow Brokers put a package of stolen NSA tools on the market.

The package was used to develop malicious mining software that was difficult to patch.

"A patch for EternalBlue was made available for 18 months and, even after that, was used in two global cyber attacks - WannaCry and NotPetya. There are still many organizations that fall victim to these viruses," said Neil Jenkins, chief analyst at CTA.

Microsoft accuses the US government of being careless and reckless in the process of "stockpiling" cyber weapons.

"This attack is another example of how vulnerabilities in the hands of governments are repeatedly exposed to the public domain and cause global harm," said Brad Smith, the company's president and general counsel.


According to ccn.com
