This New Malware Could Potentially Jeopardize Your Crypto Mining

Miners are always seeking more efficient ways of extracting enormous amounts of energy for the purpose of mining. Are you a cryptocurrency miner somewhere in the world? Well, there is a new sheriff in town. This sheriff is out there to ensure that all your mining efforts amount to nothing. In a perfect world you would have nothing to worry about. Unfortunately, you mine cryptocurrencies in an imperfect world. So, yes, you have something to worry about, and it’s malware.

Hello Miner, Meet The New Sheriff

According to its July 26th report, Moscow-based cybersecurity company Kaspersky discovered that there is an outbreak of a malware which has the potential to affect mining activities across corporations and cryptocurrency-mining companies around the world. Giving more details about how the new virus spreads, the Russian company, which has been dishing out a lot of preventive steps against Initial Coin Offering (ICO) scams lately, said that the malware spreads by attaching itself to the victim’s personal computer, corporation and workstation servers. When the malware known as “PowerGhost” attacks a corporation, it extracts all the important mining information about the corporation.

Source Of The Malware

The Kaspersky report made it clear that PowerGhost comes from cyber attackers using sophisticated technology and software to determine the enemy to attack. The report says that the hackers employ advanced algorithms to remain unnoticed. Some of those moves include running software that effectively slows down the victim’s CPU fan speed causing low computing capacity. Furthermore, they will then switch off the malware during the user’s most active hours. Explaining further, the statement reveals that after the full implementation of these processes, they will later decide the best time to attack. It is also added that this is gradually taking the place of the usual cybercrime such as ransomware.

Why The Hackers Remain Uncaught Until Now

By deploying a file-less technique, the cyber thieves propagate PowerGhost software over networks as non-malicious software, ensuring that the victims do not suspect them. The company also explained that PowerGhost uses PowerShell script to encode its base code. Furthermore, Msvcr120.dll and Msvcp120.dll were specifically picked out in the report as operation libraries employed by the malicious software to sync with existing system software. For using file-less techniques, PowerGhost is able to bypass many firewalls, antivirus software, and remote admin tools. The report mentioned that Windows Management Instrumentation lacks the required sensitivity to detect PowerGhost malware.

Primary Targets

The report cautioned that although the primary targets of the hackers are individual workstations and corporations, the key target was corporate local area networks (LANs). Just as a wild fire, the report posits that the new virus is spreading around the world. This is happening at a very fast rate, especially in India, Turkey, Brazil, and Columbia.

Join our Telegram Group To Stay Up To Date With Crypto News