Windows malware delays coinminer install by a month to evade detection (August 2022)
A new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency mining malware across 11 countries.
According to a report by Check Point, the malware was created by a developer named 'Nitrokod,' and the software at first look appears to be clean of malware and provides the advertised functionality.
Check Point says the software purposely delays the installation of the malicious components for up to a month to evade detection.
The malware determines if it's running on a desktop or laptop, then connects to its C2 and sends a full host system report via HTTP POST requests.
Crypto-mining malware is a risk because it can damage hardware through stress and overheating, and it can degrade your computer's performance by consuming additional CPU resources.
The malware droppers discovered by Check Point can swap the final payload with something much more dangerous at any time.