Jan 31, 2018

A cryptocurrency malware infects millions of PCs worldwide, mostly in Thailand

A new malware strain is on the prowl, infecting PCs around the globe and surreptitiously using their computing power to mine Monero, a cryptocurrency worth about USD 310 (Approx. PHP 15,940) per coin. Cybersecurity firm Palo Alto Networks has revealed that as many as 15 million computers are affected, mostly in Thailand.

Malware attacks are a regular phenomenon, and this time a newly discovered strain has hit millions of PCs around the globe, stealing computing power from victims' machines to mine the Monero cryptocurrency.

Palo Alto Networks said that hackers have broken into at least 15 million computers worldwide, mainly in South East Asia, North America, and North Africa. By country, Thailand has the largest number of infected PCs, at 3.5 million.

The firm has warned PC users to remain careful about potential attacks on their devices. It says the campaign to infect PCs has been going on for the last four months and may continue in the future if it remains unattended.

To spread the malware, hackers have been camouflaging the code as .exe files such as "File4org" and "DropMeFiles", which pose as file-sharing downloads. These .exe files circulate online mainly via URL-shortening services such as Bitly and AdFly to target unsuspecting users.

According to Palo Alto, the two services have so far generated 15 million clicks, although it has not been established where these links are being posted.

Monero, unlike other cryptocurrencies, can be mined on commodity hardware such as home PCs. As it hardly takes up 20 percent of space, most users might not figure out that their systems are under attack from the malware.

As soon as the malware infects a system, it starts running an open-source utility known as XMRig, which mines Monero. This digital currency is now valued at USD 310 (Approx. PHP 15,940) per coin, up drastically from USD 13 (Approx. PHP 670) per coin a year ago. However, hackers only receive a percentage or fee for mining each coin.

While Palo Alto Networks has identified 15 million affected systems, it says the actual figure might be on the higher side. "It's important to note that the actual number of victims is likely much higher because less than half of the samples we identified in this campaign leverage Bitly," the firm said in a blog post. "If we postulate that the Bitly telemetry is typical for this operation, we can extrapolate to speculate that as many as 30 million people have been affected by this operation."

As luck would have it, most antivirus products out there are capable of protecting PCs from Monero cryptocurrency miners. So, if you want to save yourself the trouble, keep your antivirus up to date.