LoudMiner Identified by ESET Researchers: Precautions

This article was originally posted on CoinStaker.

ESET cybersecurity has recently detected an unusual crypto miner. The LoudMiner seems to be distributed for both Windows and macOS for about 1 year now.

According to the research conducted by ESET, LoudMiner is using virtualization software to mine crypto on a Tiny Core Linux virtual machine. VirtualBox is being used on Windows while QUEMU is the software used on macOS.

Multiple operating systems are at risk of being infected. LoudMiner is reportedly using an open-source software for mining Monero (XRP), called XMRig. This has so far proved to be sufficient in order to evade all researcher attempts to trace the transactions.

One interesting note from the research is that the miner seemingly operates only in pirated applications. These applications however, are bundled up with the virtualization software, a Linux image and many other files.

After such a pirated application has been downloaded, LoudMiner is installed before the software itself. The miner quickly conceals its presence but becomes persistent after a reboot.

LoudMiner is naturally going after high-end CPUs

ESET researchers point out that the miner most frequently targets applications with purposes related to audio production. These apps are typically used on CPUs with a lot of processing power. This makes them perfect for stealth mining because the user will most likely remain oblivious.

So far, ESET researchers have managed to identify three different strains of the miner for macOS systems. Only one has been found for Windows so far.

As usual, the best and most simple defense is to avoid downloading pirated applications at all costs. If users experience high CPU consumption, one giveaway of the LoudMiner is a network connection to an unusual domain name. This happens due to scripts from the virtual machine which contact the C&C server to update the miner’s configurations.

Additional installers from unexpected “trust” popups should also always be read and taken into consideration.

Know More:

The post LoudMiner Identified by ESET Researchers: Precautions appeared first on CoinStaker | Bitcoin News.

To read more from CoinStaker follow this link.

Be the first to comment

Leave a Reply

Your email address will not be published.


*