Trend Micro identifies hackers who incorporate Crypto Mining malware into Windows Installer software

Crypto-Malware hidden-in-Windows-installation-Files

Crypto it is becoming more complex. Now hackers are creating mining malware and getting people to think about Windows computers, they are getting legitimate windows installation files. The research has said it Coinminer, the most popular encryption software for hackers, is designed to hide in plain sight. The main reason why it is so difficult is that it uses various methods of obfuscation.

Who discovered it?

According to TNW, Trend Micro, an enterprise interested in online security, has discovered the attack. Since then he has continued to examine the problem in detail. Trend Micro has revealed that the malware is sent as a Windows Installer MSI file. This is a smart trick because Windows Installer is an original app used for file installation. With the help of a real Windows file, the software is able to bypass certain security measures.

The deception does not end there. Once the malware is installed, they will have other files, which are used as recalls. For example, it comes with a script to contract any anti-malware software. The other part is the miner crypto that must be installed on your machine.

To ensure that it is difficult to detect, it comes with self-destruct mode. In this way, once detected, it can destroy itself and cover its activities. This makes it difficult to find an active solution in the future. Trend Micro noticed that they had not traced the attack to any nation. However, they noticed that he was using Cyrillic. This is a very popular alphabet among criminal criminals. So, it could be a last attempt to throw away the investigators.

The Crypto Malware problem

The problem intensified at the beginning of 2018. Experts said that with the encryption becoming so expensive, hackers would send crypto miners to places they would not expect to find. In some cases, cryptographic malware has been hidden in Adobe Flash updates, government sites, commercial sites, and even routers.

Hacking in a university

In a recent accident, a university in Canada had to close the entire network for a while. This happened after discovering that hackers used their resources to extract Bitcoins. So far, there have not been many details about hackers. The university revealed that they would bring back the online network with a staggered approach. This would help them reduce the risks.

It is known that extraction by cryptography consumes a lot of computing power. A sign that you have malware crypts on your computer is if fans start to roar. Your computer could also heat up and slow down a lot.

In 2018, it appears that crypto jacking has eclipsed the ransomware. This new type of malware does not require any action by the person concerned. Unlike the ransomware in which a user must deposit crypto in a given account, the user must make some errors with a mouse.

Some estimates state that this malware helps to earn hackers about $ 250,000 a month. They appear highly organized and qualified. It seems that they create and implement this malware meticulously. However, there has not been an effective solution so far since they continue to evolve.

[ad_2]Source link