Internet security provider and research lab McAfee Labs has uncovered new malware which secretly uses consumer devices to mine Monero (XMR), a blog post confirmed Nov. 12. Dubbed “WebCobra” and originating from Russia, the latest threat downloads one of two mining clients and uses the processor power of an infected device to generate coins for the perpetrators. Displaying the more “classic” behavior of so-called “cryptojacker” malware, WebCobra runs almost without a trace, McAfee Labs says, the only noticeable difference for the end user being reduced hardware performance. “Coin mining malware is difficult to detect. Once a machine is compromised, a …
Japanese multinational cybersecurity firm Trend Micro has detected a new strain of crypto-mining malware that targets PCs running Linux, according to a report published Nov. 8. The new strain is reportedly able to hide the malicious process of unauthorized cryptocurrency-mining through users’ CPU by implementing a rootkit component. The malware itself, detected by Trend Micro as Coinminer.Linux.KORKERDS.AB, is also reportedly capable of updating itself. According to the report, the combination of hiding and self-upgrading capabilities gives the malware a great advantage. While the rootkit fails to hide the increased CPU usage and the presence of a running crypto-mining malware, it …
Four “young” hackers have been arrested in a cryptojacking case involving over 6,000 computers in what is allegedly South Korea’s “first” known case of its kind, Korean English-language news outlet Aju Daily reports Nov. 8. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. Aju Daily cites a statement from the National Police Agency's cyber bureau that clarified that the four accused had not been detained, but would face a trial for allegedly infecting 6,038 PCs with malicious mining malware, which had been concealed in job application documents sent …
Cybersecurity publications were sounding the alarm over cryptocurrency malware again Monday, Oct. 29 after a Malwarebytes forum user reported a price monitoring app for macOS was a trojan. Confirmed in a blog post by the cybersecurity software developer, community member 1vladimir reported suspicious behavior by an app called CoinTicker over the weekend. The app purports to let users track cryptocurrency prices from within the Mac toolbar, which update automatically. “Although this functionality seems to be legitimate, the app is actually up to no good in the background, unbeknownst to the user,” Malwarebytes’ blog post explains, adding: “Without any signs of …
Researchers have identified cryptojacking malware that conceals itself behind a fake Adobe Flash update. The finding has been revealed in a cyber threat report published by Unit 42 research group on Oct. 11. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. According to new research released by Unit 42, Palo Alto Networks' threat intelligence team, the malware strain surreptitiously compels computers to mine Monero (XMR) by installing an “XMRig cryptocurrency miner.” The new malware is said to be particularly harmful, as the developers have copied the pop-up notification …
The highest number of recorded incidents of Coinhive cryptojacking software have taken place in Brazil, Iran’s country’s cybersecurity authority revealed in a report Monday, October 8. According to the Iranian authority’s report on malware in 2017, Brazil, the country with the most reported cases, has been hit over 81,000 times by Coinhive. India came in second with around 29,000, followed by Indonesia with more than 23,000, while Iran scored about 11,000. Coinhive, the cryptocurrency mining software which mines Monero (XMR), provides an Application Programming Interface (API) to developers, which then lets the developer use a website visitors’ CPU resources to …
Google’s new restrictions on Chrome Web Store extensions introduced Monday, October 1, are likely to affect cryptojackers. In a blog post, Google confirmed that as of now, Chrome extensions submitted to the Web Store would not be allowed if they contained “obfuscated” code. Aside from the security implications, obfuscated code, which the post describes as “mainly used to conceal code functionality,” “adds a great deal of complexity” to the process of reviewing extensions for approval. Cryptojackers rely on the clandestine insertion of malicious malware into scripts, allowing them to mine for cryptocurrencies without those being hacked noticing. In May, cybersecurity …
South and North Korea may be separated by a border that's only 2.5 miles wide, but the two nations couldn't possibly be more different, at least when it comes to crypto. South Korea has emerged over the past few years as one of the world's major crypto-trading centers, with the BTC-KRW (Korean won) market being the fourth biggest among national fiat currencies. By contrast, most North Koreans have almost zero knowledge of cryptocurrencies, even though their government has been engaging in Bitcoin mining and the hacking of crypto exchanges in a bid to secure an alternative revenue stream. As the …
The number of crypto mining malware attacks used by hackers has continued rising, with total samples growing by 86% in the second quarter of 2018, according to the latest threat report by cybersecurity firm McAfee Labs released September 25. In the report, cybersecurity experts stated more that than 2.5 million new malware coin miner samples were found in Q2. In comparison, the number of crypto malware attacks in Q1 amounted to around 2.9 million, which is a 629 percent rise from around the 400,000 samples found in Q4 2017. The report concluded that coin miner malware “remains very active,” following …
Firefox will block cryptojacking malware in future versions of its web browser, according to an announcement August 30. The move comes as part of an anti-tracking initiative expected to be implemented over the next few months. In the announcement, Firefox cites a study by browser extension Ghostery, stating that 55.4 percent of the total time required to load an average website is spent loading third party trackers. Future versions of Firefox will reportedly block such practices as cryptomining scripts that “silently mine cryptocurrencies” on users’ devices by default. By blocking tracking and offering a “clear set of controls,” Firefox is …
North Korean hackers have infected a cryptocurrency exchange with malware for both Windows and macOS for reportedly the first time, Russian internet security company Kaspersky Lab announced Thursday, August 23. In Kaspersky’s report, the company reveals the malware — dubbed “AppleJeus” — made its way into the systems of an unnamed exchange after an employee downloaded a “tainted” app. Kaspersky now believes the app came from a fake developer with fake security certificates in a major operation by North Korean hacker collective Lazarus Group. The malware aimed to steal cryptocurrency funds, Kaspersky claims, in what marks the latest in a …
As much as 59 percent of U.K. companies have been affected by cryptojacking malware at some point. Roughly half of those cases took place in the previous month, news outlet Internet of Business reports August 15, citing a research commissioned by Citrix. According to Internet of Business, the research, commissioned by software company Citrix and performed by OnePoll, asked 750 IT executives from U.K. companies that number more than 250 employees about their experience with cryptojacking attacks. Cryptojacking malware employs its victim’s computational resources without their permission in order to mine cryptocurrencies for the attacker. This leads to a wasteful …