Mining malware was hidden in Windows installation file

During 2018 there have been multiple cases of cyber attacks on various platforms and the phenomenon continues to grow. The case of a mining malware hidden in a Windows installation file in MSI format was recently discovered.

Users could not suspect the release of the virus because it is posing as a legitimate Windows file. And if that were not enough, it contains a built-in self-destruct mechanism that prevents it from being tracked.

In this regard, the Japanese cybersecurity company Trend Micro, which discovered the malware, indicated that it “deletes all the files in its installation directory and eliminates any trace of installation in the system”.

Cases of cryptojacking are increasing worldwide. Criminals become increasingly sophisticated and use installers that help them to arrive in an imperceptible way to thousands of users. They are always creating new ways to evade security measures.

In the case of the hidden mining file in the Windows installer, it could be known that the situation was complicated due to the fact that the malware has several files that function as a decoy. For example, it has one in “.bat” format that counteracts any antimalware process; another “.exe” file that decomposes a third “.ico” file and that decrypts the cryptocurrency mining modules.

M.Pino

Source: Coincrispy

Receive this and all our information directly on your cell phone through our channel on Telegram:https://t.me/BitFinanceNews