Windows malware originating back in 2018 has successfully generated $2 millions (9000 Moneros) illegally from the victims devices. Over 222,000 devices have been infected by this malware in just 3 years.
The malware has been named as Crackonosh and scattered globally by depicting itself as a famous software. Just as soon as the software is installed, the antivirus protection is terminated and a coin mining program is installed namely XMRig. This will start mining Monero.
Since 2018, almost thirty different variants have been reported by Avast, a Czech Cyber security firm. They revealed that most of the affected devices were found in United States, Brazil, Poland, Philippines and India.
The malware works swiftly. As soon as it lands on a device it takes over system files including service installer and maintenance so the trail can be covered. As a result to such actions antivirus becomes ineffective and is no longer able to start auto update of the system. Later Crackonosh will download its own variant of Windows Defender with a green check on the display icon of Windows security. This will be done to avoid getting caught. However, it can be treated by rebooting the device into safe mode and changing the names of systems applications files before they are relaunched in Windows. This was unveiled by Roberto Franceschetti, a security researcher, at the end of 2020.
In a statement given by Microsoft, the company told that the malware doesn’t have any malicious controller. This is why it doesn’t require any urgent security service. In case of malicious activities, the attack could’ve done a lot of damage.
Talking about the attacks carried out by Crackonosh, Daniel Benes, security researcher of Avast showed the cons of installing such packages. He told that the attacks will keep happening as long as users will keep falling for such illegal software. He highlighted how going after a software through unfair means can come right back at the user.
Similar mining attacks were also carried by bad actors back in 2017, these attackers were responsible for attacking 100,000 devices for their crypto hijacking campaign. Their attacks were given the name of DirtyMoe and Purple Fox malware. And now the Crackonosh malware is responsible for mining Monero.
Read next: Report shows the most threatening malware that is faced by Android Phones
The malware has been named as Crackonosh and scattered globally by depicting itself as a famous software. Just as soon as the software is installed, the antivirus protection is terminated and a coin mining program is installed namely XMRig. This will start mining Monero.
Since 2018, almost thirty different variants have been reported by Avast, a Czech Cyber security firm. They revealed that most of the affected devices were found in United States, Brazil, Poland, Philippines and India.
The malware works swiftly. As soon as it lands on a device it takes over system files including service installer and maintenance so the trail can be covered. As a result to such actions antivirus becomes ineffective and is no longer able to start auto update of the system. Later Crackonosh will download its own variant of Windows Defender with a green check on the display icon of Windows security. This will be done to avoid getting caught. However, it can be treated by rebooting the device into safe mode and changing the names of systems applications files before they are relaunched in Windows. This was unveiled by Roberto Franceschetti, a security researcher, at the end of 2020.
In a statement given by Microsoft, the company told that the malware doesn’t have any malicious controller. This is why it doesn’t require any urgent security service. In case of malicious activities, the attack could’ve done a lot of damage.
Talking about the attacks carried out by Crackonosh, Daniel Benes, security researcher of Avast showed the cons of installing such packages. He told that the attacks will keep happening as long as users will keep falling for such illegal software. He highlighted how going after a software through unfair means can come right back at the user.
Similar mining attacks were also carried by bad actors back in 2017, these attackers were responsible for attacking 100,000 devices for their crypto hijacking campaign. Their attacks were given the name of DirtyMoe and Purple Fox malware. And now the Crackonosh malware is responsible for mining Monero.
Read next: Report shows the most threatening malware that is faced by Android Phones
