Mining Malware Infecting Windows Computers CAUTION

in #bitcoin, 8 years ago

Bleeping Computer has also reported that malware authors are infecting Windows computers using an NSA hacking exploit and a Trojan that checks for available resources before putting them to work mining Monero (XMR).

The Trojan Was First Reported by Russian Antivirus Dr. Web

The Russian antivirus vendor Dr. Web was the first to report the Trojan, which it detects as Trojan.BtcMine.1259. The Trojan has also been found to use DoublePulsar, an NSA hacking tool designed to infect computers running unsecured Server Message Block (SMB) services. SMB is a network protocol used mainly to provide shared access to serial ports, printers, and files.

Once the infection takes place, the malware creates a simple backdoor that gives hackers the chance to execute code on the machine. The DoublePulsar exploit is then used to install a generic malware loader on the infected machine. The virus then scans the computer to check whether enough resources are available to execute the payload. If they are, the generic malware loader downloads a cryptocurrency miner, which starts mining XMR and diverting it to the hacker's wallet.

Experts have also concluded that the Trojan can shut itself down when the PC owner starts the Task Manager utility, which lets the malware go undetected while it remains in operation.

Ransomware Viruses Have Adopted the NSA's DoublePulsar Exploit

Trojan.BtcMine.1259 is not the first cryptocurrency-related virus built around the DoublePulsar exploit. Another known virus, named EternalMiner, was also detected about a week ago, and it targets Linux servers for XMR mining. WannaCry, the ransomware that disrupted many institutions and businesses around the globe, might also have included DoublePulsar, using the exploit as the foundation for the malware's self-spreading SMB worm.

The Shadow Brokers made DoublePulsar available in April 2017, which has led to reports of no less than 36,000 computers getting infected by different viruses adopting the exploit on April 21st.

Do your due diligence and be cautious when downloading and accessing files from the crypto space.

Appreciate your upvote and comments on it

Scrembo
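The Task Manager behaviour described in the post can be turned into a detection signal. The following is an added example, not part of the original post or of any vendor's tooling: it scans periodic process snapshots for a high-CPU process that exits every time Task Manager starts. The process names, CPU threshold and sample data are constructed assumptions.

```python
from collections import defaultdict

MONITORS = {"taskmgr.exe"}  # tool whose launch the Trojan is said to watch for
HEAVY = 70                  # CPU % treated as mining-level load (assumption)

# Constructed telemetry: (seconds, {process name: CPU %}), one sample per 10 s.
SNAPSHOTS = [
    (0,  {"explorer.exe": 2, "svchost.exe": 3, "helper32.exe": 88}),
    (10, {"explorer.exe": 1, "svchost.exe": 4, "helper32.exe": 91}),
    (20, {"explorer.exe": 3, "svchost.exe": 2, "taskmgr.exe": 5}),
    (30, {"explorer.exe": 2, "svchost.exe": 3, "taskmgr.exe": 4}),
    (40, {"explorer.exe": 2, "svchost.exe": 3, "helper32.exe": 90}),
    (50, {"explorer.exe": 2, "helper32.exe": 93, "backup.exe": 85}),
    (60, {"explorer.exe": 4, "taskmgr.exe": 6, "backup.exe": 87}),
    (70, {"explorer.exe": 2, "svchost.exe": 3, "backup.exe": 80}),
    (80, {"explorer.exe": 2, "svchost.exe": 3, "helper32.exe": 89}),
]

def evasive_processes(snapshots, min_hits=2):
    """Return {name: hits} for heavy processes that vanish whenever a monitor starts.

    A process is reported only if it disappeared on at least `min_hits`
    monitor launches and never stayed visible through one, so a job that
    merely happened to finish once is not flagged.
    """
    hid, stayed = defaultdict(int), defaultdict(int)
    for (_, prev), (_, cur) in zip(snapshots, snapshots[1:]):
        # Only the sample pair in which a monitoring tool first appears matters.
        if not any(m in cur and m not in prev for m in MONITORS):
            continue
        for name, cpu in prev.items():
            if cpu < HEAVY or name in MONITORS:
                continue
            if name in cur:
                stayed[name] += 1   # legitimate load keeps running in plain sight
            else:
                hid[name] += 1      # gone the moment the monitor appeared
    return {n: c for n, c in hid.items() if c >= min_hits and stayed[n] == 0}

if __name__ == "__main__":
    for name, hits in evasive_processes(SNAPSHOTS).items():
        print(f"{name}: exited on {hits} Task Manager launches, review it")
```

The snapshots here stand in for whatever process telemetry is collected out-of-band (for example by an EDR agent), since the behaviour is designed to be invisible to a user watching Task Manager itself.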


ow sick so you are basically mining for a hacker without knowing then

True..

old news been happening for yrs

Recently new wave of mining malwares pouring into the crypto space

Hey there. Been following your work on youtube, good to see you here :)
Not my intention to advertise my article here, but would really appreciate if you could take a look at it and let me know what you think :)
https://steemit.com/cryptocurrency/@weareourdesires/crypto-youtuber-debunked-could-it-be-that-suppoman-is-lying-to-us

I will check around, Thanks

People need to be extra cautious when downloading stuff from the Internet, especially zip files, because more often you will get an extra package after unzipping them.

That's the idea

I don't want to sound harsh but we are the wild west and those that don't keep themselves informed have a lot to blame themselves for.

Disagree- we all should look out for each other and try to help when we can. Imagine....

You are right to disagree with me, it's the moral thing to do. But in my case I'm giving the other side for perspective, just look at what's happening with the blatant manipulation of the market to make ethereum prices drop. It's happening at the High and at the low levels.

What's new here is that the tools were essentially provided by the NSA. So while all governments are, by definition, terrorist organizations, the NSA has brought the game to the cyber domain. The question is whether this kind of piracy is now the new normal, and whether those who fail to adopt the pirate ethos are simply suckers.

We all need to be careful to avoid downloading malwares in the name of "files". Thanks for the info