Russian cybersecurity firm Kaspersky Lab has discovered malware which hides inside a computer, mines cryptocurrency and sends it to hackers. The virus is spread through social engineering and adware.
Kaspersky Lab has discovered two groups of hackers working in Russia, which have control of 5,000 and 4,000 computers. When installed on a victim’s computer, the malware starts using its hardware like graphic cards to create digital tokens.
“According to analysts, the hacker mining network brings its owners up to $30,000 per month,” the company said.
The most popular currencies are Monero and Zcash; their transactions are difficult to trace due to anonymity.
Kaspersky estimates that the network of 4,000 computers earned over $209,000 in the Monero cryptocurrency. Coinmarketcap values Monero’s market value at $1.7 billion, while Zcash is worth $503 million, making them the 9th and 18th largest digital currencies.
The malware is hard to trace for an ordinary user, who will notice the PC slowing down and heating up, but doesn’t understand why. Users usually download such adware on their own, thinking it’s free software or a key to activate licensed products.
Mining itself is not an illegal process. Moreover, a user can easily install a program and legally use it for mining cryptocurrencies. So, it makes it hard to detect whether a computer was hacked, or its owner voluntarily downloaded the software.
Users on forums have complained that criminals have been using malware to mine cryptocurrencies on victims’ computers for more than two years. They claim Kaspersky Lab reacted only now, as it wants to sell more antivirus software at the peak of popularity of digital money.