SilentCryptoMiner distributed as a bypass tool
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:
A mass malware campaign is infecting users with a cryptocurrency miner disguised as a tool for bypassing internet restrictions. The campaign has affected over 2,000 victims in Russia, utilizing YouTube channels to spread malicious links. Attackers are blackmailing content creators to post videos with infected file links, threatening channel shutdowns. The malware uses a multi-stage infection process, including a Python loader that downloads and executes the SilentCryptoMiner. This miner, based on XMRig, employs stealth techniques like process hollowing and can mine various cryptocurrencies. The campaign highlights the growing exploitation of restriction bypass tools for malware distribution, posing significant risks to user data security.
OPENCTI LABELS:
dcrat, xworm, phemedrone, xmrig, cryptocurrency mining, njrat, stealth techniques, silentcryptominer, blackmail, restriction bypass, python loader