Friday, March 29, 2024

McAfee Labs discovers ‘WebCobra’ malware that Uses Victim’s Computers to Mine Cryptocurrency

Researchers from McAfee Labs have found a new type of Russian malware called WebCobra that is gently mining Zcash and Monero on computers all over the world.

Malware comes “via PUP Builders” that fall and set up the Cryptonight Monero Miner or Claymore’s Zcash miner, “on the basis of the structure WebCobra finds”:

“This cryptocurrency mining malware is rare because it drops another miner on the basis of the configuration of this device.”

It’s hard to find WebCobra, say investigator, and once installed, the malware uses the code to modify itself:

“After data.bin is decrypted and executed, it tries to do some anti-debugging, anti-emulation and anti-sandbox technology, besides checking additional security products running on the system. These measures allow the malware to stay unnoticed for quite a while.”

The only sign of the infection is “energy degradation”: the miner runs, “slowly … consumes the resources of CPUs”

Infected machines may not be able to “sleep”, usually the performance decreases and energy bills increase. All the benefits of those mining are delivered to the electronic wallets of the attackers.

Although the cost of mining by malware is nearly zero, researchers from elite fixtures have recently found that a bitcoin mining cost can be between $ 531 and $ 26,170 USD for legitimate manufacturers.

McAfee states that Today, the vast majority of WebCobra infections are happening in the united states, Brazil and South Africa.

Also ReadTezos Foundation join hands with B9lab for a Blockchain Training Program

WebCobra infections have also been discovered in Russia, Indonesia, Philippines, India, Northern Europe, Pakistan, Turkey, Ukraine, and in many African countries too.

Along with other cybersecurity investigators, McAfee Labs has argued that crypto mining malware attacks are appealing to shortly go away.

Crypto malware strikes may be rewarding while is less harmful and confrontational than the ransomware strike, where the system and data of the victim are locked for ransom in cryptocurrency:

“Coin mining malware is developing because cybercriminals are using the most simple route to steal the worth. On other people’s systems, mining coins require less investment and risk than ransomware. Unless users understand that they are supporting criminal miners, the latter has much to gain.”

Jon Porter
Along with reporting for BlockToro Jon for works for various big media publications like verge and few other media sites. He is also Dead German Soldier #4 in Wonder Woman. To get in touch with Jon for news reports he published you can email him on Jon@nationaltimes.in or reach him out in social media linked below.

Latest news

Related news

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here