Monero-Mining Malware Found Embedded in Audio Files

Cybercrime is getting more profitable and, with this increased profitability, the need has arisen for hackers to become more innovative in their operations. As it is with the legitimate business scene, criminals are now thinking out of the box to stay ahead of the curve.

Cybersecurity firm BlackBerry Cylance released a research report which suggests that hackers have employed steganography, the art of concealing one item inside another, as part of their operations. Specifically, this new hacking method involves concealing malware in WAV audio files to hide its malicious code and get past conventional detection methods.

The cybersecurity company revealed that each of these WAV files contains a loader component, which will go on to decode and execute malicious content in the audio files. Several threat actors were reportedly examined, with some even embedding JPEG and PNG files with their malware and sending them out.

The malicious audio files were found to be embedded with XMRig, a mining malware used to mine the privacy-focused crypto-asset Monero (XMR). The WAV files discovered by the firm also employed the same infrastructure, which points to a campaign employed to gain remote access to the victims’ networks.
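
A defender-side triage check for WAV files of the kind described above, added here as an example and not code from BlackBerry Cylance or this article. It assumes hidden content shows up either as noise-like (high-entropy) sample data or as bytes outside the declared RIFF structure, which the article does not specify; `triage_wav`, `make_wav`, the 7.9 bits/byte threshold and the sample inputs are constructed for illustration.

```python
import hashlib
import math
import struct
from collections import Counter

KNOWN_CHUNKS = (b"fmt ", b"data", b"LIST", b"fact")

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; 8.0 means uniformly random."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def triage_wav(blob: bytes, entropy_limit: float = 7.9) -> list:
    """Return a list of findings for a WAV image; empty means nothing unusual."""
    if len(blob) < 12 or blob[:4] != b"RIFF" or blob[8:12] != b"WAVE":
        return ["not a RIFF/WAVE file"]
    findings = []
    riff_end = 8 + struct.unpack_from("<I", blob, 4)[0]
    if riff_end < len(blob):  # bytes a player ignores but a loader could read
        findings.append(f"{len(blob) - riff_end} bytes after declared RIFF end")
    pos, end = 12, min(riff_end, len(blob))
    while pos + 8 <= end:
        cid, size = struct.unpack_from("<4sI", blob, pos)
        body = blob[pos + 8 : pos + 8 + size]
        if len(body) < size:
            findings.append(f"chunk {cid!r} is truncated")
        if cid not in KNOWN_CHUNKS:
            findings.append(f"unexpected chunk {cid!r} ({size} bytes)")
        # Assumed threshold for illustration; tune it against known-good audio.
        if cid == b"data" and len(body) >= 4096 and entropy(body) > entropy_limit:
            findings.append(f"data chunk entropy {entropy(body):.2f} bits/byte")
        pos += 8 + size + (size & 1)  # chunks are padded to an even length
    return findings

def make_wav(samples: bytes, trailer: bytes = b"") -> bytes:
    """Build a mono 16-bit 8 kHz PCM WAV (constructed test input)."""
    fmt = struct.pack("<HHIIHH", 1, 1, 8000, 16000, 2, 16)
    body = b"WAVE" + b"fmt " + struct.pack("<I", len(fmt)) + fmt
    body += b"data" + struct.pack("<I", len(samples)) + samples
    return b"RIFF" + struct.pack("<I", len(body)) + body + trailer

# Constructed samples: a quiet 440 Hz tone, and SHA-256 output as noise-like filler.
TONE = b"".join(struct.pack("<h", int(1000 * math.sin(2 * math.pi * 440 * i / 8000)))
                for i in range(8000))
NOISE = b"".join(hashlib.sha256(i.to_bytes(4, "little")).digest() for i in range(512))

if __name__ == "__main__":
    for name, wav in [("tone", make_wav(TONE)), ("noise", make_wav(NOISE)),
                      ("appended", make_wav(TONE, b"\x00" * 100))]:
        print(name, triage_wav(wav))
```

A finding here is a reason to look closer, not a verdict: recordings of static are high-entropy too, and some legitimate tools write extra chunks.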

Hackers Love Monero

Hackers love stealing cryptocurrencies, but they like Monero (XMR) more than others. While malware attackers have been known to target Bitcoin (BTC) in the past, the progress made in tracking them through the asset has forced them to move to another asset: the privacy-focused XMR.

In June, researchers from cybersecurity firm Trend Micro were able to track Black Squid, a cryptojacking malware which they claimed was affecting computers across Thailand and the United States.

While measures have been taken to reduce the efficacy of cryptojacking and keep its effects to a minimum, the Black Squid malware definitely breathed new life into the criminal activity. After receiving a lot of activity reports, authorities in the two target countries put Black Squid in the limelight, and the reason for its popularity was soon recognized.

Black Squid

As BeInCrypto reported, the malware was able to employ several means to hack into computer systems. Thanks to its use of anti-virtualization, anti-sandboxing, and anti-debugging techniques, the malware could sidestep anything that might alert victims to its presence.

In addition, the cybersecurity firm noted that the malware has worm-like propagation abilities, making it easy for it to infect other systems discovered on the same server. With such potential to gather processing power, its popularity amongst hackers was quite obvious.

What do you think about the improved methods used by the cryptojackers behind XMRig? What precautions do you take to stop yourself from falling victim to similar attacks? Let us know your thoughts in the comments below.

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Based in the United Kingdom, Jimmy is an economic researcher with outstanding hands-on and heads-on experience in Macroeconomic finance analysis, forecasting and planning. He has honed his skills, having worked cross-continental as a finance analyst, which gives him inter-cultural experience. He currently has a strong passion for blockchain regulation and macroeconomic trends as it allows him peek under the global bonnet to see how the world works.
