Digmine and Win64/CoinMiner.


CCross

Hello there,

There is news spreading about malware that is using Facebook Messenger as a vector to infect victims with Digmine. Here are some links for reference:

https://gbhackers.com/digmine-facebook-messenger-cryptocurrency/
https://www.scmagazineuk.com/digmine-cryptocurrency-botnet-spreading-through-facebook-messenger/article/720550/
https://thehackernews.com/2017/12/cryptocurrency-hack-facebook.html?m=1

I checked the ESET Database latest definition Update 16617 and there's a Win64/CoinMiner listed there. I would just like to know if this update covers this new malware detection.

Thanks in advance.


  • Administrators

It should be Win32/TrojanDownloader.Autoit.OJA trojan.

I wouldn't worry about CoinMiners or malware being sent via FB messages since the user must explicitly click the file to open/run it. More worrying is malware or CoinMiners that are run through malvertising. For instance, yesterday we encountered a brand new variant (detected by ESET's JavaScript scanner) that was loaded by certain pages on the website of the Slovak Railways. Although it was a link to a legitimate ad server, in fact the ad contained a redirect to a server with the coin mining script. The same script has also been seen to be loaded on a lot of porn sites.
