New malware named WinstarNssmMiner has been discovered in the wild. The primary aim of this malware is to crash the PC of others if it is discovered by anti-virus software. The malware has so far attacked more than half-a-million PC’s in the last three days.
Security researchers from 360 Total Security discovered the malware and released a statement. The malware targets machines with the intention of utilising processing power for mining Monero cryptocurrency. The malware will immediately crash the PC upon discovery of anti-virus software when it tries to remove it.
The miner launches the svchost.exe which is used to manage the system services in the Windows Operating System and inserts a malicious code into the file. Once the miner script is successfully injected into the system it will start mining the CryptoCurrency.
The second phase is WinstarNssmMiner which tinkers with the critical process designed to crash the system upon command.
The malware was designed to evade systems with reputable anti-virus products such as Kaspersky and Avast. If the user is using a different product they may experience frequent crashes and lag in their systems. A total of Four mining pools has been linked to this malware. WinstarNssmMiner has already mined $26,500 worth of Monero.
The malware is based on XMRig, an open source cryptocurrency mining project which has been hijacked by the developers for cryptocurrency mining.
Earlier this week, researchers from RedLock warned that crypto jacking attacks are on the rise against enterprise players which utilize cloud environments.
More than 25% of the companies have experienced some sort of crypto jacking activity on their systems in their cloud environments this year alone. The most often cases are insecure databases and access keys.
Take your time to comment on this