WARNING! Cryptomining Malware Launches Linux VMs On Windows and macOS

[rhomelmabini]

Cybersecurity researchers from at least two firms today unveiled details of a new strain of malware that targets Windows and macOS systems with a Linux-based cryptocurrency mining malware.

It may sound strange, but it's true.

Dubbed "LoudMiner" and also "Bird Miner," the attack leverages command-line based virtualization software on targeted systems to silently boot an image of Tiny Core Linux OS that already contains a hacker-activated cryptocurrency mining software in it.

Spotted by researchers at ESET and Malwarebytes, attackers are distributing this malware bundled with pirated and cracked copies of VST (Virtual Studio Technology) software on the Internet and via Torrent network since August 2018.

This new malware, first detected in August last year, comes in at least 4 different versions and, it can be completely removed only by resetting the operating system.

At the moment it is not known how much damage it has caused or how many Monero have been mined, but it is clear that once again Monero (XMR) remains the preferred cryptocurrency for this type of illegal activity.

For those that runs these cryptominers this was a serious issue for you, imagine this has been running for almost a year now wonder how many users been affected.

[1714056501]

1714056501

[1714056501]

1714056501

[1714056501]

1714056501

[Kakmakr]

Use the following free Microsoft software to detect and remove this threat:

    Windows Defender Antivirus  for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
    Microsoft Safety Scanner

I have had good results in removing some of these Coinminer Malware on some computers that was infected, but make sure that your Cloud-based Protection settings is turned On.

Kaspersky is your next bet, because any of the Malware that Windows Defender Antivirus or Microsoft Security Essentials could not remove, was detected and removed by Kaspersky. 

[thd26bct]

One again, having healthy habits on Internet will keep us safe. Even with free softwares, Microsoft Bitfender or whatever free softwares, or expensive softwares, users will not be safe if they don't have healthy habits on Internet. Because antivirus softwares need a bit delay time to update their databases. It means when new threats created, you will be under risks of attacks from your unhealthy habits on Internet.

[DdmrDdmr]

Allegedly, Loudminer was distributed through applications related to audio production, such as, but not limited to Propellerhead Reason, Ableton Live, Sylenth1, Nexus, Reaktor 6 and AutoTune. The following link provides the technical details of the different installation procedures found so far:
https://www.welivesecurity.com/2019/06/20/loudminer-mining-cracked-vst-software/.

In the case of the Windows based installation, a pop-up asks you to install an alleged Oracle network adapter, thereby tricking people into performing the installation because one would tend to trust a prompt from Oracle … even though it may not have that much to do with audio production itself.