A global cybersecurity company recently reported that cryptomining malware hidden in digital textbook downloads was the second most common type of malware spread under the guise of study materials. The malware, Win32.Agent.ifdx, is a program that opens a text file when launched to trick the user into thinking the file is benign. Once installed, the malware can download other pieces of malware, including cryptominers that allow hackers to generate profits by using the host's processing power.
According to another recent report, the Glupteba malware dropper is using the Bitcoin blockchain to improve the malware's connection to command-and-control servers (C2 servers), which hackers use to control compromised systems. When a compromised system disconnects from a C2 server, hackers can use the Bitcoin network to replace C2 servers, allowing the compromised system to reconnect. The report noted that the Glupteba malware is also capable of cryptomining and can steal browser data and passwords.
For more information, please refer to the following links:
- Student surprise: malware masked as textbooks and essays
- Warning Issued After Malware Is Found To Have Hijacked Bitcoin Blockchain