Another Malware trying to install Monero cryptojacking systems

Monero hack

Yesterday morning, a cybersecurity company called Trend Micro, announced that they have discovered and removed malicious software from numerous servers that exploited various security gaps on servers and installed crypto jacking programmes on peoples’ hardware. The information was spread through the company’s blog.

There were exactly eight major exploits that the malicious program was exploiting with things such as web servers hard drives, network drivers and various other pieces of software and hardware.

The software has been dubbed BlackSquid and employs things such as EternalBlue and DoublePulsar, alongside other CVE versions and ThinkPHP exploits. The nature of the hack has been described as brute force, rather than exit hacks or phishing attacks.

The BlackSquid, if injected into hardware or software, will secretly install the XMRig programme, which deals with Monero mining without the victim ever finding out. Although it’s not a direct attack at the victim’s personal information such as crypto wallet login credentials, it is still very dangerous for the hardware as the mining process wears it out.

Furthermore, BlackSquid’s Monero mining software was the only thing discovered by Trend Micro, therefore there could be many more versions of the same malware mining other coins. Currently, the majority of cases were sighted in Thailand and the United States of America.

Trend Micro warns users about the potential places the malware can be injected on a person’s device. These are infected servers and network drives that can be removed.

This new hack is yet another case for 2019 alone. The cryptocurrency hacks have been going on for quite a long time, but it seems like we encounter new instances nearly every day.

Just yesterday we saw a South Korean cybersecurity company discover one of the most sophisticated brute force attacks ever recorded in the blockchain’s history.

It seems like hackers are getting much better at breaching the most modern security protocols. The only thing companies can do is improve alongside them and always provide new challenges day after day.