Monero Successfully Mined by CryptoJacking Malware KingMiner, Bypasses Detection Systems

CryptoJacking Malware KingMiner has successfully been able to mine Monero and avoid any kind of detection by launching newer versions of the malware.

The privacy coin Monero has lost over 91% of its value from the peak price but hasn’t stopped Cryptojacking malware like KingMiner from mining it using its victim’s computers. Cybersecurity firm Checkpoint reports that KingMiner has been able to improve its effectiveness and ingenuity making it harder to detect.

KingMiner was first detected in mid-June 2018 followed by the deployment of two improved versions which mainly targets Microsoft products more specifically IIS and SQL servers. The malware is able to deploy various evasion techniques to bypass emulation and detection methods resulting in significantly reduced detection rates.

The firm reports:

“Based on our analysis of sensor logs, there is a steady rise in the number of KingMiner attack attempts.”

After gaining access the malware is able to deploy a Windows Scriptlet file (.sct) on the victim’s machine. The file then detects the CPU architecture of the victim machine and goes on to delete any older versions of the attack files if they exist.

It then downloads a payload ZIP file based on the CPU architecture, but in actuality, it is an XML file which will bypass emulation attempts. The .exe file then goes on to create the XMRig miner file which is intended to use up to 75% of the CPU capacity.

The creators of King Miner have been able to avoid tracking by using private mining pools. The wallet used is not connected to any public pools making it hard to detect which domains are used.

However, Checkpoint reports:

“we can see that the attack is currently widely spread, from Mexico to India, Norway and Israel.”

The firm also reports that such attacks will be more prevalent in 2019 due to improved evasion techniques.

Blockmanity’s Take

Monero is the best Cryptocurrency for malware to mine from its victim’s systems due to its full privacy features and CPU/GPU friendly mining ability. One can view this is in a negative light but this goes on to prove the robustness of the privacy features in Monero’s protocol.

Also Read:

Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity

Did you like the news you just read? Please leave a feedback to help us serve you better

Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.