A New Cryptojacking Malware Locks Into Linux Servers to Mine Privacy Coin Monero (XMR)
You probably know that kind of guy who keeps saying that people using the Linux operating system are free from all malware, right? It may be your friend, a work colleague or even your dad. The truth, however, is that Linux is not that invincible against all kinds of threats. It’s just less targeted than Windows-based computers.
Now, we have the ultimate proof of that. Researchers from Trend Micro have discovered a new cryptojacking malware named as GoLang. This new malware is used to mine Monero (XMR) tokens off a vulnerable computer. The program is written using the Go programming language and it is focused on targeting Linux servers.
The Trend Micro researchers have reported that the malware initially tries to find the most vulnerable targets and then use them as an entrance in order to propagate via the entire network afterward.
F5, another well-known research group, has also reported on this new threat. According to this group, the malware spreads to other networks by using seven different methods. These include misconfiguring credentials in the system and targeting server-level programming languages.
In order to cloak its activities, the program deletes logs and history of the compromised computer, too, as well as to kill off any other crypto mining programs or any process that is using over 30% of the CPU.
As soon a the doors are open, the program sends a request to download a payload which contains the malware and, this way, other systems are affected.
In order to actually mine the Monero, GoLang uses XMRing 2.13.1, a considerably famous Monero mining script that is being used these days.
According to the reports made by F5, the cybercriminals were even able to inject the malware into some crypto mining pools.
Unfortunately, cryptojacking malware just keeps getting more attractive to hackers. With the prices of crypto going up, they are often even more prone to use other people’s computers to mine Monero or Bitcoin and get money undetected.