Crypto Hackers Implant LoudMiner Monero Mining Bot On Pirated Software Affecting MacOS and Windows Users
By now, you must have heard of malicious crypto-hungry hackers who plant their malware using Adobe Flash updates and legit Windows updates and prey on the unsuspecting. But, their stealth operations aside, there’s an even more bizarre crop that seems a bit more sophisticated in its activities.
In what will probably shock many, cryptocurrency hackers have reportedly gone a notch higher and resorted to hiding bots in so-called “cracked” audio production software. This is according to security experts at ESET, who discovered a Monero cryptocurrency mining bot known as LoudMiner.
Although malware hidden in pirated software isn’t something new, the lengths to which this new bot has gone are quite astounding. The bot is quite prevalent given that it has been in distribution since August 2018, and only started surfacing in the cracked versions of VST (Virtual Studio Technology).
Lovers of freebies often dance with the devil without knowing it, and for many of them nothing is worth worrying about so long as the computer is running fine. However, they have a real reason to worry, given that LoudMiner isn’t just unique in its intentions but is also cross-platform.
This Monero mining bot is expertly developed to run on a Tiny Core Linux virtual machine. It basically hits across the board, running on both MacOS and Windows devices.
Further, the researchers who discovered it believe that the hackers chose VST software over all the rest because the PCs that run it are powerful, with high-end CPUs. The software also uses a lot of CPU resources, which gives the bot a higher chance of operating without being noticed.
There are a few people who, by good luck, noticed abnormal behavior on their computers, especially after downloading a ‘dodgy plugin.’
LoudMiner, an XMRig Monero cryptocurrency miner, comes in at least four versions, according to the researchers. The bot operates in a virtual Linux ecosystem, installing itself at the root level. It then runs on its own whenever the computer is restarted.
Among those who suspected that their PCs were infected, one said he only had to reinstall the OS in order to completely get rid of it. The researchers, however, couldn’t tell whether the hackers had earned any coins before the discovery.
On how one could stay safe from it, ESET researchers expectedly recommend not using any pirated software on one’s PC. This, they say, is the first and most important line of defense against it.
They also recommend keeping a close eye on average CPU usage. Anyone who notices something fishy in their computer’s list of installed programs should act quickly. Meanwhile, the whole ESET report can be accessed directly here.