Monero Miner Sends Cryptocurrency to North Korean University

8 January 2018

An application compiled just weeks ago was found to be an installer for a Monero miner designed to send the mined currency to a North Korean university, AlienVault reports.

The application’s developers, however, might not be of North Korean origins themselves, the security researchers say. They also suggest that the tool could either be only an experimental application or could attempt to trick researchers by connecting to Kim Il Sung University in Pyongyang, North Korea.

Once the discovered installer is run, it copies a file named intelservice.exe to the system, which is often associated with cryptocurrency mining malware. The arguments the file is executed with reveal it is a piece of software called xmrig, a program already associated with wide campaigns exploiting unpatched IIS servers to mine Monero.

Read full news article on SecurityWeek

Date:

8 January 2018

Categorie(s):

NEWS

Tag(s):

Cryptocurrency, Korean, Malware, Miner, Monero, North, University

Ransom recovery costs reach $2.73 million3 May 2024
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks3 May 2024
Indonesia sneakily buys spyware, claims Amnesty International3 May 2024
Most companies changed their cybersecurity strategy in the past year3 May 2024
What is cybersecurity mesh architecture (CSMA)?3 May 2024