Fraud News

NSA Malware Used to Infect Windows PCs with Cryptocurrency Miner

Author: Catalin Cimpanu / Source: BleepingComputer

Malware authors are using an NSA hacking tool to infect Windows computers with a new cryptocurrency miner. Detected under the generic name of Trojan.BtcMine.1259, this trojan was first spotted last week by Russian antivirus vendor Dr.Web.

The trojan uses an NSA implant called DOUBLEPULSAR to infect computers that run unsecured SMB services. This implant (NSA term for malware) is a simple backdoor that allows attackers to execute code on the infected machines.

The miscreants behind these attacks use DOUBLEPULSAR to download a generic malware loader on user’s devices. The purpose of this “malware loader” is to check the user’s PC for a minimum amount of kernel threads.

If the infected computer has enough CPU resources, the generic malware loader will download the final payload, the cryptocurrency miner itself.

Trojan used to mine for Monero

According to experts, this trojan is a mixture of various libraries, including…

Click here to read more

Click Here to Read More

Related Items:
Click to comment

Leave a Reply

Your email address will not be published.

Most Popular News

4.4K
LoC Global

Clinton’s Russia & Media Propaganda
MOKA 8-20-22 ARRESTED MOKA 8-20-22 ARRESTED
56.9K
LoC Global

ANOTHER KARAMEH YACHT ARRESTED
Nidal Chazi (Mofid) Karameh Nidal Chazi (Mofid) Karameh
44.3K
1
LoC Global

Nidal Chazi Karameh – Suspicious Behavior and Suspicious Yachts
Hearst-MEE-Fraud Hearst-MEE-Fraud
20.7K
LoC Global

David Hearst & MEE: thinly veiled as Journalist
18.9K
Crime Intel

Do Not Invite Vampires to Cross Your Threshold
11.5K
Fraud News

Crypto (M)Sadness
11.1K
LoC Global

How to Short Bitcoin
To Top