    Blockonomi
    Windows Installation Files Are the Latest Crypto-Jacking Tools

    By Nick Marinoff | November 9, 2018

    It appears Windows is providing “windows” to hackers. According to The Next Web, hackers are hiding cryptocurrency malware in Windows installation files as part of a recent crypto-jacking effort.

    Crypto-jacking is nothing new. It’s a topic we’ve discussed before and will likely discuss again before the year is out. Crypto-jacking occurs when a hacker takes control of a victim’s computer without their knowledge or consent and uses its computing power to mine cryptocurrency.

    Most crypto-jacking efforts result in the extraction of new Monero coins, one of the most popular cryptocurrencies among digital thieves due to its anonymous properties.

    Some Recent Cases

    The most recent cases involve Korea: South Korea accused its northern counterpart of taking over several computers to mine crypto. A U.S.-based cybersecurity firm investigating the situation later issued a report that appeared to verify everything South Korea was saying.

    The firm’s examination of the computers suggested that they had been infected with malware designed to mine Monero, and that the funds were being directed to Kim Il Sung University in Pyongyang, North Korea’s capital city.

    Another example occurred via Adobe Flash updates that were infected with hidden mining code. This code was very difficult to find, as the Adobe Flash updates worked exactly as they were supposed to. The updates occurred without issue, and thus none of the victims were given any clues as to what was really going on. The malware was discovered by Palo Alto Networks, a cybersecurity firm named after Palo Alto in northern California.

    The New Pathway to YOUR Computer

    Now, researchers from security venture Trend Micro have found mining software hidden in Windows installation packages. Known as Coinminer, the software is designed to be very elusive and uses a series of obfuscation methods.

    A report from Trend Micro reads:

    “The malware arrives on the victim’s machine as a Windows Installer MSI file, which is notable because Windows Installer is a legitimate application used to install software. Using a real Windows component makes it look less suspicious and potentially allows it to bypass certain security filters.”

    Hiding in the Shadows

    In addition, researchers state that once the software is installed, various files are activated that act as decoys. The installer also comes with a script that counteracts all anti-malware processes running on the victim’s computer, making the software very difficult to stop.

    It even comes equipped with a self-destruct mechanism to prevent anybody from nosing around too much. Trend Micro’s report says:

    “To make detection and analysis even more difficult, the malware also comes with a self-destruct mechanism. It deletes every file under its installation directory and removes any trace of installation in the system.”

    Trend Micro has claimed that while it cannot trace the attacks back to a specific country or point of origin, it has noted that the installer uses Cyrillic, an extremely popular software brand among cybercriminals.

    A Few More Recent Cases

    In a recent high-profile case of crypto-jacking, a Canadian university was forced to shut down its entire network last week after it was discovered that hackers were attempting to utilize its computing power to mine bitcoin. Furthermore, new reports suggest that crypto-jackers and cyberthieves are ultimately stealing approximately $250,000 each month. That’s a lot of money for people who didn’t earn it…

    Last April, Google sought to crack down on Chrome extensions that ran cryptocurrency mining scripts as a means of protecting users against crypto-jacking. The company wrote in a blog post:

    “Approximately 90 percent of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with our policies and have either been rejected or removed from the store.”

    Nick Marinoff

    Nick Marinoff has been covering cryptocurrency since 2014. He has served as a lead content writer and news editor for Money & Tech; a public relations writer for Game Credits, and a senior writer for both Bitcoinist and News BTC.

    1 Comment

    1. Crypt0_Prim3 on November 9, 2018 11:49 am

      Which software is this Cyrillic? I thought it was an alphabet!?
