McAfee discovered Russian malware

Researchers at cybersecurity company McAfee Labs have discovered new malware called "WebCobra" that uses computers' processing power to secretly mine the cryptocurrencies Monero and Zcash.

WebCobra installs Cryptonight or Claymore miners, depending on the configuration of the victims' computers. On x86 systems, it injects the Cryptonight miner code into the running process and starts monitoring the progress of the process. On x64 systems, it checks the GPU configuration and downloads the Claymore miner from a remote server.

Even though the malware was developed in Russia, researchers claim to have found it worldwide, with the largest number of infected computers seen in Brazil, South Africa and the United States.

However, a lot of stealth mining malware remains undetected because of its higher complexity. Most users, and even detectors, are unaware of an intrusion until their computer begins to perform poorly or crashes completely. By then you may have a huge electricity bill. Therefore, McAfee recommends that users scan their computers. If a computer starts to run slowly, this may mean that it is affected by one of these malware programs.

According to the Cyber Threat Alliance (CTA), cryptojacking increased by 459% in 2018. The unexpected spike was attributed to EternalBlue, a software vulnerability in the Microsoft Windows operating system.

Experts say Microsoft and the National Security Agency are responsible for the leak, which occurred in April 2017 when the criminal group Shadow Brokers put a package of stolen NSA tools on the market.

The package was used to develop malicious mining software that was difficult to patch.

"A patch for EternalBlue was made available for 18 months and, even after that, was used in two global cyber attacks - WannaCry and NotPetya. There are still many organizations that fall victim to these viruses," said Neil Jenkins, chief analyst at CTA.

Microsoft accuses the US government of being careless and reckless in the process of "stockpiling" cyber weapons.

"This attack is another example of how vulnerabilities in the hands of governments are repeatedly exposed to the public domain and cause global harm," said Brad Smith, the company's president and general counsel.


According to ccn.com
