New Malware uses PC Power to Make Cash
Hackers could use your computer to literally make money. That's thanks to an unusual malware attack that doesn't involve any files, making it harder to detect.
The "Coinminer malware" takes advantage of a Windows and browser bug nicknamed Eternal Blue. That's the same bug that was exploited in several high-profile ransomware attacks recently. While Microsoft has issued updates, it seems some users haven't installed the security patches.
Malware Runs Inside Memory
One big problem with the Coinminer malware is that it works in the computer's memory, rather than as a file or program in its own right. This makes it much harder to find through computer scans that check through the files of a drive at scheduled intervals and look for ones which match a list of known rogue files. (Source: zdnet.com)
The other unusual element of Coinminer is how it is used. Unlike many malware examples, it's not about accessing data on the victim's machine or about acting as a weapon to attack other computers.
Instead, it installs and runs software for what's known as "cryoptocurrency mining." Cryptocurrency, the best known example of which is Bitcoin, is a virtual currency that exists only online. It works by computers working together to create and maintain a record of every transaction made using the currency. This removes the need for banks and makes it hard, if not impossible, to 'steal' money.
Criminals Make Cash From Your PC's Work
The process of computers adding and verifying entries in the record is known as "mining." The workload is spread across all the computers, with users rewarded by being paid in units of the cryptocurrency. This is also how the 'money supply' grows at a controlled rate to reduce the risk of inflation.
Coinminer works by hijacking the resources of victim computers for this mining, with the criminals collecting the bonus currency units, which they can then sell online in exchange for real world cash. In other words, the malware is not only using a computer's processing power - drastically affecting performance - but earning cash for the criminals. If left undetected, it will end up creating a larger energy bill as well.
For the average home user, the best response to Coinminer is to confirm that all Windows security updates have been installed and to run a scan of the computer for malware on a regular basis. (Source: bleepingcomputer.com)
What's Your Opinion?
Do you have Windows security updates set to automatically download and install? What security software do you use? Do you have real-time scanning switched on or do you find this affects performance?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 20 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
Similar to recent attacks
This malware is similar to other malware I've seen on Windows Server 2003 systems that aren't patched. Hackers like to go after server systems because they usually contain beefier hardware, which means more CPU cycles can be used to mine. The only difference is that this malware runs resident in memory and doesn't contain an executable file. Either way, if you become infected - it will slow your computer down to a crawl. On the system that I experienced this issue with, it took a minute in between clicks to get anything done. It was extremely painful.
Criminals Make Cash From Your PC's Work
Hey Dennis. I have Windows update set to download and to install manually om Windows 7. I have Eset Nod32 and Malwarebytes running in the background. I tried with them active and turned off. I see no difference in performance.