Researchers Uncover Threat of ‘Unusual’ Virtual Machine Crypto Mining


Cybersecurity firm ESET has detected what it describes as an unusual and persistent cryptocurrency miner distributed for macOS and Windows since August 2018. The news was revealed in a report from ESET Research published on June 20.

According to ESET, the new malware, dubbed “LoudMiner,” uses virtualization software — VirtualBox on Windows and QEMU on macOS — to mine crypto on a Tiny Core Linux virtual machine, thus having the potential to infect computers across multiple operating systems.

The miner itself reportedly uses XMRig — open-source software used for mining the privacy-focused altcoin monero (XMR) — and a mining pool, thereby purportedly thwarting researchers’ attempts to retrace transactions.

The research revealed that for both macOS and Windows, the miner operates within pirated applications, which are bundled together with virtualization software, a Linux image and additional files.

Upon download, LoudMiner is installed before the desired software itself, but conceals itself and only becomes persistent after reboot.

ESET notes that the miner targets applications whose purposes are related to audio production, which usually run on computers with robust processing power and where high CPU consumption — in this case caused by stealth crypto mining — might not strike users as suspicious.

Moreover, the attackers purportedly exploit the fact that such applications are usually complex and large in order to conceal their virtual machine images. The researchers add:

“The decision to use virtual machines instead of a leaner solution is quite remarkable and this is not something we routinely see.”

ESET has identified three strains of the miner targeted at macOS systems, and just one for Windows thus far.

As a warning to users, the researchers state that “obviously, the best advice to be protected against this kind of threat is to not download pirated copies of commercial software.”

Nonetheless, alongside high CPU consumption, they offer several hints to help users detect that something might be awry, including trust popups from an unexpected, “additional” installer, or a new service added to the startup services list (Windows) or a new Launch Daemon (macOS).

Network connections to unusual domain names — due to scripts inside the virtual machine that contact the C&C server to update the miner’s configuration — are another giveaway, the researchers add.
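
One way to check two of the macOS hints above on a host, added here as an example and not code from ESET or the article: it lists Launch Daemons missing from a known-good baseline and flags hypervisor processes with high CPU in `ps -axo pid,pcpu,comm` output. The function names, the 50% threshold, the process-name pattern and all sample data are assumptions constructed for illustration.

```python
import plistlib
import re

# Hypervisors the article names (QEMU on macOS, VirtualBox on Windows).
# Matching on process name is an assumption: a renamed binary would not match.
HYPERVISOR = re.compile(r"(qemu-system-\w+|VBoxHeadless)", re.I)

def new_launch_daemons(baseline_labels, plists):
    """plists: {file name: raw .plist bytes}; return jobs absent from the baseline."""
    findings = []
    for name, raw in sorted(plists.items()):
        job = plistlib.loads(raw)
        label = job.get("Label", name)
        if label not in baseline_labels:
            findings.append({"file": name, "label": label,
                             "run_at_load": bool(job.get("RunAtLoad", False)),
                             "argv": job.get("ProgramArguments") or [job.get("Program", "")]})
    return findings

def busy_hypervisors(ps_output, min_cpu=50.0):
    """Parse `ps -axo pid,pcpu,comm` text; return (pid, cpu, command) at or above min_cpu."""
    hits = []
    for line in ps_output.strip().splitlines()[1:]:  # skip the header row
        pid, cpu, comm = line.split(None, 2)  # command path may contain spaces
        if HYPERVISOR.search(comm) and float(cpu) >= min_cpu:
            hits.append((int(pid), float(cpu), comm))
    return hits

# Constructed sample data (not taken from the ESET report).
SAMPLE_PLISTS = {
    "com.example.known-agent.plist": plistlib.dumps(
        {"Label": "com.example.known-agent", "Program": "/usr/libexec/known"}),
    "com.example.audio-helper.plist": plistlib.dumps(
        {"Label": "com.example.audio-helper", "RunAtLoad": True,
         "ProgramArguments": ["/bin/sh", "/usr/local/example/start.sh"]}),
}
SAMPLE_PS = """\
  PID  %CPU COMM
  101   0.3 /usr/sbin/syslogd
  412  96.5 /usr/local/example/qemu-system-x86_64
  530   2.1 /Applications/Example DAW.app/Contents/MacOS/Example DAW
"""

if __name__ == "__main__":
    for finding in new_launch_daemons({"com.example.known-agent"}, SAMPLE_PLISTS):
        print("new launch daemon:", finding)
    for hit in busy_hypervisors(SAMPLE_PS):
        print("busy hypervisor:", hit)
```

On a real host the plist bytes would be read from /Library/LaunchDaemons and the baseline taken from a clean image of the same machine type; either signal alone can be legitimate, so the pairing is what merits a closer look.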

Yesterday, Cointelegraph published an in-depth report analyzing various malware deployments within the crypto industry, including for stealth crypto mining.




