Researchers at computer security firm McAfee Labs have recently discovered cryptojacking malware called “WebCobra.” The malware steals victims’ computing power to mine Monero and Zcash. The rapid rise in cryptocurrency prices has given birth to a new wave of cybercriminals.
McAfee Labs says the Russian application WebCobra installs the Cryptonight miner or Claymore’s Zcash miner. “On x86 systems, it injects Cryptonight miner code into a running process and launches a process monitor,” McAfee observed. “On x64 systems, it checks the GPU configuration and downloads and executes Claymore’s Zcash miner from a remote server.”
Most users and even detectors would not be aware of the hack unless their computer acts sluggish or breaks down entirely. By that time, it may be too late, and the victim could be left stuck with a massive bill since crypto-mining uses a lot of electricity.
The McAfee report recommended that users look out for signs from their computers. “Once a machine is compromised, a malicious app runs silently in the background with just one sign: performance degradation,” McAfee Labs warned. “As the malware increases power consumption, the machine slows down, leaving the owner with a headache and an unwelcome bill.”
According to the Cyber Threat Alliance (CTA), cryptojacking has surged a whopping 459% in 2018. The unexpected spike has been blamed on the leak of EternalBlue, a software vulnerability in Microsoft’s Windows operating system.
Experts say Microsoft and the National Security Agency are both responsible for the leak, which occurred in April 2017 when a group called the “Shadow Brokers” put a packet of stolen NSA tools on the market.
Microsoft holds NSA accountable
Neil Jenkins, chief analytics officer for the CTA, says, “A patch for EternalBlue has been available for 18 months and even after being exploited in two significant global cyber attacks – WannaCry and NotPetya – there are still countless organizations that are being victimized by this exploit, as it’s being used by mining malware.”
Microsoft holds the U.S. government accountable for the breach. “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” said Brad Smith, the president and chief legal officer of Microsoft. “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.”