Thursday, 04 June 2020

Varonis' researchers discover Monero mining malware

Cybersecurity company Varonis has discovered ‘Norman’, a new cryptojacking virus that aims to mine the cryptocurrency Monero (XMR) and evade detection.

Varonis published a report about Norman on 14 August 2019, which shows the malware as one of many cryptojacking viruses deployed in an attack that infected machines at a mid-size company. Hackers and cybercriminals deploy cryptojacking hardware to use the computing power of unsuspecting users’ machines to mine cryptocurrencies like the privacy oriented coin Monero.

Norman in particular is a crypto miner based on XMRig – a high-performance miner for Monero cryptocurrency. One feature that Norman has is that it will close the crypto mining process in response to a user opening up Task Manager, and after Task Manager closes, Norman uses a process to relaunch the miner. Moreover, the researchers conjectured that Norman comes from a French-speaking country, due to the presence of French variables and functions within the virus’ code.

Similarly, another cybersecurity company, Carbon Black, uncovered an unsettling update to a strain of XMR mining malware. The company discovered that a type of malware called Smominru is stealing user data alongside its mining operations. Carbon Black believes that the stolen data may be sold by hackers on the dark web.

Legal disclaimer: The insight, recommendations and analysis presented here are based on corporate filings, current events, interviews, corporate press releases, and what we've learned as financial journalists. They are presented for the purposes of general information only, and all the information belongs to the original publishers. These may contain errors and we make no promises as to the accuracy or usefulness of the information we present. You should not make any investment decision based solely on what you read here.

Creamcoin Marketcap