IN A NUTSHELL:
- LoudMiner is a new virus that secretly mines cryptocurrencies;
- The software is distributed together with pirated copies of the VST audio plug-in.
Cyber-security experts from ESET discovered that a new virus, mining cryptocurrencies on computers of unsuspecting users, had appeared in the network. The program is called LoudMiner and uses virtualization applications (Quick Emulator or VirtualBox) to run a virtual system based on OS Tiny Core Linux in the background. Malware then secretly uses the cumputing power of the infected PC for cybermining. The virus can even update itself based on SCP (Secure File Copy).
The virus is distributed together with pirate copies of Virtual Studio Technology sound software. What is interesting, the choice of application in this case is deliberate - cybercriminals want to increase the chance of infecting a machine equipped with efficient components.
"LoudMiner is oriented towards audio software, because PC working with these applications often have more computing power. These programs are usually complex and have a high CPU usage, so users don't find such activity unusual. Using a virtual machine instead of another, more economical solution is quite unusual. This is not something we usually see in similar situations."
How to protect yourself against a virus? Fortunately, it is very simple - ESET experts indicate that it is enough... not to install pirate software. It is also worth noting sudden, unjustified increase in CPU usage, as well as the unknown services connected with strange domains.
- ESET - official website