Jump to content

Digmine and Win64/CoinMiner.


CCross
 Share

Recommended Posts

Hello there,

There are news spread about a malware that is using facebook messenger as a vector to infect victims with Digmine, here you have some links as reference: 

https://gbhackers.com/digmine-facebook-messenger-cryptocurrency/
https://www.scmagazineuk.com/digmine-cryptocurrency-botnet-spreading-through-facebook-messenger/article/720550/
https://thehackernews.com/2017/12/cryptocurrency-hack-facebook.html?m=1

I checked the ESET Database latest definition Update 16617 and there's a Win64/CoinMiner listed there, I just would like to know if this update covers this new malware detection.

Thanks in advance.

Link to comment
Share on other sites

  • Administrators

It should be Win32/TrojanDownloader.Autoit.OJA trojan.

I wouldn't worry about CoinMiners or malware being sent via FB messages since the user must explicitly click the file to open/run it. More worrying is malware or CoinMiners that are run through malwaretising. For instance, yesterday we encountered a brand new variant (detected by ESET's javascript scanner) that was loaded by certain pages on the website of the Slovak Railways. Although it was a link to a legitimate ad server, in fact the ad contained a redirect to a server with the coin mining script. The same script has been seen to be loaded also on a lot porn sites.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...