A new monero malware is targeting enterprise networks according to the new report from cybersecurity company Sophos that detailed a new variant of the Tor2Mine malware so let’s read more in our latest Monero news today.
The new Monero malware installs a monero crypto-miner which is quite aggressive compared to other variants. In most cases you would need to update your antivirus software otherwise this miner could enter your network and eat it up. In a new report released today by Sophos, that boasts over 500,000 businesses as customers, a new variant of the Tor2Mine crypto-miner infects company networks to mine XMR as the most popular privacy coin for being hard to trace. Sophos threat researcher Sean Gallagher said that all of the miners that they studied were Monero miners.
According to Gallagher, the malware looks for entry points in a network’s security in the form of systems that didn’t have their security features updated, including antivirus and anti-malware software updates or patched. Once installed on the computer or the server, the malware will look for other systems to install the miners for more profits. Hacks are a still huge problem for DAOs and DeFi projects that are quite vulnerable for more than smart contract exploits. A day ago, we saw BadgerDAO being hacked $120 million in front-end exploit according to PeckShield. Gallagher said in a press release:
“Once it has established a foothold on a network, it is difficult to root out without the assistance of endpoint protection software and other anti-malware measures. Because it spreads laterally away from the initial point of compromise, it can’t be eliminated just by patching and cleaning one system. The miner will continually attempt to re-infect other systems on the network, even after the command-and-control server for the miner has been blocked or goes offline.”
Tor2Mine spreads to every system on the network fast and installs the crypto-miner where it can but also it Is so hard to remove. Because they generate less revenue than other attacks such as mining malware, ransomware applications infect as many systems as possible to make the attack worth the trouble. Gallagher said that there’s a sign that a system is infected when there’s heavy use of processing power, reduced performance, and high electricity bills similar to the ones if you are mining crypto.
Two flavors of Tor2Mine miner dig deep into networks with PowerShell, VBScript
Using remote scripts and code, one variant can even execute filelessly until it gains administrative credentials…
— SophosLabs (@SophosLabs) December 2, 2021
Monero as a privacy coin became a favorite tool for cybercriminals because of its many privacy features that make trading harder than BTC and ETH. Monero wallet addresses and transactions are also hard to trace because of the use of ring signatures and stealth addresses that are able to hide the identities of both the receiver and sender. Sophos recommends patching the vulnerabilities in an internet-facing system such as web applications, email servers, VPN services, and other anti-malware products that can prevent one from becoming a victim. While Sophos creates its own products, Gallagher urged every type of protection saying “Any anti-virus is better than no anti-virus.” If you want to know the real-time value of your Monero investment, make sure to check out our Monero price calculator.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]