Cybersecurity company Varonis has discovered "Norman", a new cryptographic virus that aims to extract the Monero cryptocurrency (XMR) and escape detection.
Varonis published a report on Norman on August 14, 2019, which shows malware as one of the many encryption viruses distributed in an attack that infected the machines of a medium-sized company. Hackers and cyber criminals implement cryptographic hardware to use the computing power of users' unsuspecting machines to extract cryptocurrencies like the Monero privacy-oriented currency.
Norman in particular is a cryptocurrency miner based on XMRig, a high-performance miner for the Monero cryptocurrency. A feature that Norman has is that it will close the crypto mining process in response to the opening of Task Manager by a user and after closing Task Manager, Norman uses a process to restart the miner. Furthermore, the researchers hypothesized that Norman came from a French-speaking country, due to the presence of French variables and functions in the virus code.
Similarly, another computer security company, Carbon Black, has discovered a disturbing update to a variety of XMR mining malware. The company has discovered that a type of malware called Smominru is stealing user data along with its mining operations. Carbon Black believes that stolen data can be sold by hackers on the dark web.