Cryptocurrency Jacking on the Rise
The growing popularity of cryptocurrency is raising a number of ethical and security concerns both within the crypto community and beyond. Although harsh regulations and cryptocurrency hacks cause major worries, cryptojacking is the new trending threat.
Cryptojacking is an illegal process whereby hackers gain control of part of a user's computer processing power to mine cryptocurrency. The mined coins are routed directly to the hackers' own cryptocurrency addresses.
This malware impairs a computer's normal functionality, making infected computers run much slower. In most cases, victims are not aware of the attack, since most antivirus software does not detect the presence of this malware on the system.
As the malicious software runs in the background of the user's computer, basic functionality is slowed down and power consumption increases. According to a report released by the Cyber Threat Alliance (CTA), cryptojacking has increased by a massive 459% this year alone. Another report from McAfee Labs, released in September this year, indicates that mining malware increased to 400,000 in the last quarter of 2017 alone.
This was followed by an increase of about 629% to more than 2.9 million samples in the first quarter of 2018. The antivirus maker said the trend continued into the second quarter of 2018, growing by 86% with more than 2.5 million new samples detected.
Most Widely Used Cryptojacking Malware: WebCobra
According to reports from McAfee Labs researchers, the most commonly used new cryptojacking malware is WebCobra. The report traces the origin of the malware to hackers based in Russia. WebCobra infects a victim's computer by silently dropping and installing the Cryptonight miner or Claymore's Zcash miner.
WebCobra leverages the architecture of the individual computer to install the right crypto mining malware anonymously. Researchers at McAfee Labs believe this threat arrives via rogue PUP (potentially unwanted program) installers. The largest number of infections occurs in countries such as Brazil, South Africa, and the United States.
McAfee Labs revealed an assortment of techniques used in the attack. These include exfiltration over command and control channel, command-line interface, hooking, and data from the local system. Additional techniques include:
- File and directory discovery
- Query registry
- System information discovery
- Process discovery
- System time discovery
- Process injection
- Data encrypted
- Data obfuscation
- Multilayer encryption
- File deletion
Most of the attacks investigated by McAfee Labs originated from the following IP addresses: 149.249.13:2224, 149.254.170:2223 and 31.92.212. The most widely used web domains are fee.xmrig.com,ru and zec.slushpool.com.
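A defender can turn the pool domains named above into a check over DNS resolver logs. The following is an added example, not code from this article or from McAfee Labs; it uses the two domain names as they can be read in the paragraph above, and the log format, client addresses and function names are assumptions constructed for illustration.

```python
from collections import defaultdict

# Pool domains as they can be read in the article text above.
WATCHLIST = ("fee.xmrig.com", "zec.slushpool.com")

def matches(name, watchlist=WATCHLIST):
    """Return the watched domain that `name` equals or is a subdomain of."""
    name = name.strip().lower().rstrip(".")  # case-insensitive, drop root dot
    for domain in watchlist:
        # Label-boundary match: 'notzec.slushpool.com' must not be reported.
        if name == domain or name.endswith("." + domain):
            return domain
    return None

def find_pool_lookups(lines, watchlist=WATCHLIST):
    """Group watched-domain lookups by client host.
    Assumed line format (constructed for this example):
    '<ISO-8601 UTC timestamp> <client ip> <query name> <record type>'
    """
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None, "domains": set()})
    for line in lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed or truncated lines
        ts, client, qname, _qtype = fields
        domain = matches(qname, watchlist)
        if domain is None:
            continue
        entry = hits[client]
        entry["count"] += 1
        # Same-format UTC timestamps sort correctly as strings.
        entry["first"] = min(entry["first"] or ts, ts)
        entry["last"] = max(entry["last"] or ts, ts)
        entry["domains"].add(domain)
    return dict(hits)

# Constructed sample resolver log, not taken from any real network.
SAMPLE_LOG = [
    "2018-11-14T09:00:01Z 10.0.0.21 zec.slushpool.com. A",
    "2018-11-14T09:00:03Z 10.0.0.35 www.example.org A",
    "2018-11-14T09:05:10Z 10.0.0.21 ZEC.slushpool.com A",
    "2018-11-14T09:06:44Z 10.0.0.35 notzec.slushpool.com A",
    "2018-11-14T09:07:02Z 10.0.0.48 fee.xmrig.com.example.net A",
    "2018-11-14T09:09:30Z 10.0.0.52 fee.xmrig.com AAAA",
    "truncated line",
]

if __name__ == "__main__":
    for client, info in sorted(find_pool_lookups(SAMPLE_LOG).items()):
        print(client, info["count"], sorted(info["domains"]), info["first"], info["last"])
```

Repeated lookups from one host over a long first-to-last window are a stronger signal than a single query, so the per-client count and time span are worth reviewing together.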