As cryptocurrencies gain popularity and value, cybercriminals have been quick to act and there is a rising trend of hackers targeting devices in a bid to mine cryptocurrencies. According to a new report released by security researchers the latest attack has seen hackers use double cryptocurrency miners to exploit a vulnerability in the Oracle server to spread two cryptocurrency miners simultaneously.
Security researchers at Trend Micro have discovered this new campaign that uses the vulnerability on the Oracle WebLogic WLS-WSAT flaw (CVE-2017-10271), which allows cybercriminals to launch two crypto miners a – 32 – bit and a – 64 – bit variant of the XMRig Monero miner. The two crypto miners are deployed on devices that use the Windows OS depending on its compatibility with the malware variants.
In a blog post, The Trend Micro researchers said:
“Our analysis of the latest payload shows that the architecture of Windows OS plays a part in deciding which coin miner will run,”
“The first Monero miner is a 64-bit variant which will execute on a corresponding 64-bit Windows device. But, if the device is running a 32-bit Windows version then the second coin miner will run instead.”
Given that it takes an enormous amount of computing power to mine cryptocurrencies, the malware variants try to infect as many devices as possible.
The double cryptocurrency miners are capable of starting up daily and automatically. On this, the researchers believe “the malware developers of this particular exploit have more chances to infect machines and use them for crypto mining”.
Another Trend researcher notes:
“The user may not attribute the issue to a compromise at first since the effects can be caused by other factors. But, as we mentioned, cryptocurrency miners have been on the rise since mid-2017, and users should expect more malware variants that aim to hijack their system resources. Cybercriminals are taking every opportunity and experimenting with new ways to deliver mining malware to users,”
There is no need to panic though as security experts say there is a way to beat these double cryptocurrency miners. They advise patching and updating your software regularly to avoid falling victim to the malware.
In the comment section below tell us what you think of this story.