• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
TechEngage

TechEngage

Technology news and opinions

  • Tech News
  • Reviews
  • How-to
  • Science
    • Energy
    • Environment
    • Health
    • Space
  • Apps
  • More
    • Opinion
    • Noteworthy
    • Roundups
    • Culture
    • Blockchain
      • Cryptocurrency
    • Events
    • Deals
    • Startups
      • Startup Submissions
  • Videos
  • Login
Security

Russian crypto-jacking malware can extract cryptocurrencies

Avatar for Noor Imtiaz Noor Imtiaz Updated: January 2, 2020

russian hackers using cryptocurrency malware

A discovery by McAfee labs has confirmed that a new crypto-jacking malware is out in the open. This new virus is capable of using the computer to mine cryptocurrency like Monera or Zcash. Famous symptoms of an attack are the computer getting hot and sluggish out of nowhere. McAfee labs have also identified the malware to be Russian. This virus is called WebCobra, and it is capable of installing cryptocurrency miners based on the system configuration of the affected computer.

Cryptojacking

The launch of cryptocurrency brought many concerns with it. However, the recent surge in crypto-jacking has become the primary concern of today. Cryptojacking means hijacking cryptocurrency. This practice is illegal and leads to the stolen cryptocurrency funds going to the person in control of the malware.

Cryptojacking is relatively new. However, a recent report from the CTA (Cyber Threat Alliance) confirms that this year, crypto jacking has increased by 459%. Another report by McAfee Labs claims that in the last quarter of 2017, crypto mining malware samples had risen to 40,000.

This number, however, saw a 629% rise in the first quarter of 2018 to become 2.9 million samples. The trend has continued with another 82% rise in the second quarter. This meant the recognition of 2.5 million new crypto mining malware samples.

What is WebCobra?

Analysis has revealed more interesting information about the WebCobra. It has concluded that the malware was using a malicious Microsoft installer package to spread in computer systems. More interestingly, the Microsoft installer package only installed Zcash miner by Claymore on x64 systems and Cryptonight miners on x86 systems. The Cryptonight miners that WebCobra installs on x86 systems are not limited to Monero. Any cryptocurrency coin that can work with the Cryptonight algorithm is vulnerable to it.

Researchers have tracked the origins of this malware in Russia. However, reports suggest that the countries most severely affected by this onslaught include US, Brazil and South Africa.

Previously fake Elon Musk account, Target, and Google G Suite’s Twitter accounts were targeted by crypto scams.

WebCobra confirms that crypto-jacking attackers are getting smarter. This development is visible in the attack vectors becoming more complex with each passing day. Researchers came across the disguising of mining malware as Windows installer files last week. However previously, Swiss security experts had already warned that cryptocurrency scammers continue to add new techniques. An example includes trojan attacks.

Reactions

The McAfee Lab report reads:

“The increase in the value of cryptocurrencies has inspired cybercriminals to employ malware that steals machine resources to mine crypto coins without the victims’ consent. Coin mining malware will continue to evolve as cybercriminals take advantage of this relatively easy path to stealing value. Mining coins on other people’s systems requires less investment and risk than ransomware, and does not depend on a percentage of victims agreeing to send money.”

Stay tuned for more updates!

This post was orginally published on: November 14, 2018 and was updated on: January 2, 2020.

Related Tags: Cryptocurrency

Related Stories

  • Not so secure Security Numbers

    Not so secure Security Numbers

  • Make-A-Wish website hit with the cryptojacking plight

    Make-A-Wish website hit with the cryptojacking plight

  • Data Leak in Moscow worries many

    Data Leak in Moscow worries many

Avatar for Noor Imtiaz

Noor Imtiaz

News Reporter

Currently a MS student in Healthcare Biotech at Pakistan’s National University of Science and Technology juggling pure science and creative writing. I’m an avid reader who makes more time for books than Netflix.

Reader Interactions

Discussion

  1. Avatar for Kolya McCleaveKolya McCleave says

    November 23, 2018

    How does WebCobra typically gain initial access to a system?

    Reply

Join The Discussion: Cancel reply

Please read our comment policy before submitting your comment. Your email address will not be used or publish anywhere. You will only receive comment notifications if you opt to subscribe below.

Primary Sidebar

Become a contributor

We are accepting contributor applications. All applications will be decided in 3 days after applying. To learn more click here.
TechEngage-Apple-News
TechEngage-Google-News

Recent Stories

  • Top-rated best dishwashers on Amazon for 2021
  • Samsung S21 series is here and we’ve got everything you need to know
  • Best laptop cooling pads for 2021 on Amazon
  • Best standing desks on Amazon for 2021
  • 14 best educational apps of 2021
Free Movie Makers

5 Best Free and Affordable Movie Makers for Windows 10

Windows keyboard

5 reasons to buy an antivirus for your Windows system

Chrome Picture in Picture Mode

How to watch videos in Picture-in-Picture mode on Chrome

A kid with his mother going on hiking

8 easy ways to improve your kid’s Fitness

Footer

About Us

  • Advertise
  • Send us a tip
  • Startup Submission Questionnaire
  • Community Guidelines
  • Corrections Policy & Practice
  • Contact us

Discover

  • About
  • Newsroom
  • Advertise
  • Brand Kit
  • Partners
  • Staff
  • Our Ethics
  • Publication Principles
  • Contact us

Legal Pages

  • Reviews Guarantee
  • Community Guidelines
  • Cookies Policy
  • Comments Policy
  • Our Ethics
  • Disclaimer
  • GDPR Compliance
  • Privacy Policy
  • Terms and Conditions

Download our apps

TechEngage-app-google-play-store

Copyright © 2021 · All Rights Reserved · TechEngage® is a Project of TechAbout LLC.
TechEngage® is a registered trademark in United Kingdom under Trademark Number UK00003417167 and is ISSN protected under the ISSN 2690-3776 and OCLC Number 1139335774.