Wednesday , February 24 2021

Discover the hidden miner Linux

Yesterday 21:33


The new miner can pose a threat not only to servers, but also to ordinary Linux users.



Trend Micro, a Japanese-based specialist in cyber security, has discovered a crypto-cultivating KORKERDS mineral, characterized by a somewhat unusual behavior. It is reported on the company's website.

Researchers have not yet clearly defined how these threats are spreading. However, it is likely that downloading will occur after some software installation or with a compromised plug-in.

infectious chain-2

The researchers assigned the Coinminer.Linux.KORKERDS.AB identifier to the hill (XMR), a mining miner of the cryptogram. It should be noted that another rootkit component (Rootkit.Linux.KORKERDS.AA) is also used that "hides" the extraction process from monitoring tools.


After the system starts to shut down the miner, the CPU loads up to 100%. However, it is not easy for the user to find out the reason for it. The situation is compounded by the rootkit that uses the readdir and readdir64 APIs and libc libraries. The normal library file is overwritten and the re-entry is replaced by a fake version.

hidden rootkits-1024x470

The malware version of the browser is used to hide the extraction process (kworkerds). After that, it becomes much harder to detect a mineral, despite the fact that the processor load points to suspicious activities.

According to researchers, the new miner can pose a threat not only to servers, but also to ordinary Linux users.

Withdraw Canada has launched a mining holding with an area of ​​more than 2,500 square meters. m. The project of the Mining Center was supported by the municipality.

We also wrote it Armenia has opened the world's largest data center with 3000 mining machines. Investors have invested $ 50 million in mining projects.

Meanwhile The legalization of Bitcoin and other crypto-cultures takes place in Ukraine. The concepts of "extraction" and "token" will be defined at the legislative level.

Previously NBU refused to recognize the Bitcoin currency. Crypto cultures, according to the National Bank, are also not a means of payment. "World regulators do not worry about the threat of cryptanalysis because of their small size, they are worried only about people losing money and fraud"– said then the deputy head of the NBU Oleg Chury.

You are currently viewing the news "An unusual hidden miner has been discovered under Linux." Other information about cryptulous, see The "Latest News" block

Source link