Cryptocurrency mining does not enjoy the best reputation. This is mainly due to the growing number of nefarious initiatives built on this business model. A recent development shows that cryptocurrency mining malware is now being aimed at Windows users.
The cryptocurrency mining malware trend continues
In recent months, various reports have emerged concerning malicious cryptocurrency mining. All of these incidents revolve around criminals who hijack computers to mine Monero or other currencies. In a new twist on this attack, Windows users are being targeted. Cryptojacking, already a very worrying trend, is growing into a bigger industry at this stage.
Trend Micro researchers have stumbled upon a new development. Their study of malicious cryptocurrency mining shows an emerging trend. By actively distributing Windows installation packages, criminals try to disguise their nefarious intentions. Unlike other deployment methods, Windows Installer MSI is a perfectly legitimate file format. As such, these files do not necessarily arouse immediate suspicion.
There is more to this new malware distribution campaign. In the software's directory, numerous files are added as decoys. Anti-malware tools installed on the computer are thereby induced to overlook these files entirely. This is another example of how clever criminals have become in recent years.
Addressing the epidemic remains a problem
Another peculiar aspect of this new malware deserves to be highlighted. This new tool, nicknamed CoinMiner, is not limited to malicious cryptocurrency mining. It also has a self-destruct function to mask its activity. If the malware is detected by any software solution, it will delete its installation directory entirely.
This particular approach by criminals makes it difficult to combat cryptojacking. If mining malware can come and go without a trace, there is very little that can be done about it. Although malicious cryptocurrency mining scripts are easy to detect, these Windows installation files are very different. It is another example of how the cryptojacking trend continues to evolve.
Since the beginning of this year, the cryptocurrency mining trend has taken different forms. Scripts have become less obvious. Instead, malicious Flash updates and vulnerable routers have become the new targets to exploit. By going after Windows users, this cryptojacking threat becomes much harder to nip in the bud. Windows is the most popular computer operating system in the world, after all.
How can Windows users protect themselves against this variant of cryptocurrency mining malware? Let us know in the comments below.