With the booming trend of cryptocurrency in the community, more people are looking for ways to get this virtual money. Including a number of individuals who intentionally make cryptocurrency-mining malware. This malware tries to infect millions of PCs to use these PC resources in order to gain cryptocurrency. This malware has been running for more than 4 months. More than 15 million machines are vulnerable, according to security firm Palo Alto Networks.

Ways of Spreading

To spread the malware, the hacker tried to disguise the code in the form of .exe and made it appear as if it came from download places like “FILE4org”, “RapidFIles”, and “Dropmefiles”. The .exe file has been circulating on the internet through URL shortening services such as Bit.ly or ad.fly. The number of clicks on the link has reached 15 million, according to Palo Alto Networks.

If the PC is infected, the malware will run an application called XMRig, where the application will be mining a cryptocurrency named Monero (worth $ 310 per coin).

“In this case, the attacker set (the program) not to use more than 20 percent (of CPU resources),” said Josh Grunzweig, a malware expert at Palo Alto Networks. So, many of these victims did not know that on their computers they were used for mining.

Targets Computers in Africa, South America, and Southeast Asia

Penyebaran Malware Monero (sumber: PCmag.com)
Monero Malware Spread (source: PCmag.com)

It is unknown how many Monero currencies have been raised by them. But according to research from Palo Alto Networks, many of this malware is targeting and infecting computers in Africa, South America, and Southeast Asia.

The spread of this kind of malware is one of the many ways that hackers can gain cryptocurrency. Last month, F5 Networks reported that hackers had used NSA-made cyber weapons to control Windows and Linux systems, and made the system do mining cryptocurrency.

In addition, there are other cybercriminals who hijack websites to run script mining through an internet browser. Fortunately, anti-virus software and browser extensions can handle this kind of activity. Therefore, always be vigilant and make sure your computer is protected properly!


Please enter your comment!
Please enter your name here