Bitcoin
$42,761.64+0.77%
Ethereum
$2,928.18+0.93%
XRP
$0.940614+0.93%
Cardano
$2.38+5.38%
Polkadot
$30.31-0.13%
Stellar
$0.278700-0.27%
Dogecoin
$0.209935+0.89%
Chainlink
$24.04+5.54%
Uniswap
$19.46-1.25%
Polygon
$1.13+0.17%
Cosmos
$40.04-0.49%
Algorand
$1.74-3.33%
Litecoin
$152.85+2.53%
Bitcoin Cash
$517.86+1.75%
Wrapped Bitcoin
$42,765.58+0.92%
The Graph
$0.683539-3.51%
Filecoin
$60.77-3.74%
Tron
$0.090879-1.35%
Ethereum Classic
$47.63+1.09%
Tezos
$7.12+3.73%
Aave
$277.44-0.73%
Monero
$237.79+2.37%
NEO
$39.22-0.29%
EOS
$4.03+0.47%
IOTA
$1.24-1.30%
BitTorrent
$0.003257-0.31%
Bitcoin SV
$135.19-0.46%
Waves
$24.37-6.49%
Maker
$2,269.67-0.78%
Dash
$165.42+0.50%
Decred
$115.66+1.06%
Decentraland
$0.688433-1.13%
ICON
$1.56-1.19%
NEM
$0.147604-0.16%
Zcash
$110.07-0.35%
OmiseGO
$8.89-1.63%
NuCypher
$0.307678+13.50%
Paxos Standard
$1.00+0.05%
Yearn Finance
$30,227.38+6.31%
Ren
$1.04+6.19%
Qtum
$9.71-1.41%
Bitcoin Gold
$53.12+0.02%
Fetch.ai
$0.855122+11.71%
Basic Attention Token
$0.643808-0.55%
0x
$0.896802-1.13%
Kava.io
$5.89+0.39%
Bancor
$3.47+1.50%
Band Protocol
$7.51+2.07%
Siacoin
$0.014789-1.57%
Nano
$4.71+0.36%
Loopring
$0.380258+0.53%
Storj
$1.09+0.83%
Numeraire
$42.32+1.81%
Civic
$0.456157-3.01%
Lisk
$2.93+4.25%
Orchid
$0.319465-0.21%
PAX Gold
$1,756.40-0.09%
Enzyme
$134.37+0.35%
Augur
$21.57+6.43%
Aragon
$4.80+2.55%
district0x
$0.151108+2.51%
Kyber Network
$1.44+0.45%
SingularDTV
$0.001285-4.88%
Tether
$1.00+0.00%
USD Coin
$1.00+0.02%
Dai
$1.00+0.01%

New Crypto Mining Malware Seen to 'Evolve,' Say Researchers

Researchers at cybersecurity firm Check Point say a relatively new form of crypto mining malware, dubbed KingMiner, is “evolving.”

Nov 30, 2018 at 3:00 p.m. UTC
Updated Sep 13, 2021 at 8:38 a.m. UTC

Researchers at Israel-based cybersecurity firm Check Point Software Technologies say that a relatively new form of crypto mining malware, dubbed KingMiner, is “evolving.”

In a research note on Thursday, the firm's Ido Solomon and Adi Ikan said that KingMiner, a monero mining malware that first appeared about six months ago, is changing through time to avoid detection – even replacing older versions of itself that it encounters on host machines.

The researchers said:

“The malware continuously adds new features and bypass methods to avoid emulation. Mainly, it manipulates the needed files and creates a dependency which is critical during emulation.”

As a result of these tactics, the malware is also being detected by security systems at "significantly" reduced rates.

The malware usually targets Microsoft servers (predominantly IIS\SQL) and while configured to harness 75 percent of the victim machine's CPU capacity for mining, it actually uses up the full 100 percent.

To preserve its secrecy, KingMiner is also seen to use a private mining pool to avoid detection, which also has its API switched off.

"We have not yet determined which domains are used, as this is also private. However, we can see that the attack is currently widely spread, from Mexico to India, Norway and Israel," the researchers said.

The continual changes allow the malware to be more successful, they continued, predicting that such evasion techniques will continue to evolve during 2019 and become more common across crypto-mining malware variants.

Virus illustration via Shutterstock 

DISCLOSURE

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Loading...