Cybersecurity researchers from at least two firms today unveiled details of a new strain of malware that targets Windows and macOS systems with a Linux-based cryptocurrency mining malware.
It may sound strange, but it’s true.
Dubbed “LoudMiner” and also “Bird Miner,” the attack leverages command-line based virtualisation software on targeted systems to silently boot an image of Tiny Core Linux OS that already contains a hacker-activated cryptocurrency mining software in it.
Isn’t it interesting to use emulation to run single-platform malware on cross-platforms?
Spotted by researchers at ESET and Malwarebytes, attackers are distributing this malware bundled with pirated and cracked copies of VST (Virtual Studio Technology) software on the Internet and via Torrent network since August 2018.
VST applications contain sounds, effects, synthesizers, and other advanced editing features that allow tech-centric audio professionals to create music.
“Regarding the nature of the applications targeted, it is interesting to observe that their purpose is related to audio production; thus, the machines that they are installed on should have the good processing power and high CPU consumption will not surprise the users,” ESET researchers said.
Researchers have found various malicious versions of nearly 137 VST-related applications, 42 of which are for Windows and 95 for macOS platform, including Propellerhead Reason, Ableton Live, Sylenth1, Nexus, Reaktor 6 and AutoTune.
images from Hacker News