Malware Performs Secret Crypto Mining via Chrome Extensions Using “CryptoNight” Algorithm


The number of digital traders and investors is rising and the crypto world is on an upward trend regarding enthusiasts who become interested in it. This also led to more hackers and all kinds of cybercriminals to target this domain. The result was that a lot of significant crypto exchanges have already warned their users and advised them to use particular enhanced security features such as the SMS authentication and the 2-factor-authentication.

Experts advise investors to store their cryptos on hardware wallets

More and more cryptocurrency and cybersecurity experts advise crypto enthusiasts to keep their digital assets on hardware wallets such as Trezor and Ledger Nano S. But, on the other hand, it seems that there’s more to be feared than just direct crypto theft.

There’s a new type of malicious malware on the loose that has the ability to mine cryptos secretly on users’ computers.

“Nigelify” Chrome plugin can be abused to steal data and mine crypto

Radware’s blog post addresses the latest discovery made by cybersecurity experts. It seems that cybercriminals have the ability to abuse a Chrome plugin named Nigelify via a malware code and this way they’re able to steal your personal data and secretly mine crypto using your machine.

The Chrome extension can easily bypass Google’s extension validation checks when malicious cybercriminals create copies of genuine extensions and insert the malware script.

The group behind this may have been active since March 2018, according to the experts’ report. It is believed that this malware was already able to infect more than 100,000 computers in more than 100 countries. It seems that most of the infected machines are located in Philipines, Ecuador, and Venezuela.

The malware can mine Monero, Bytecoin, and Electroneum via CryptoNight algorithm.

“The attackers are using a publicly available browser-mining tool to get the infected machines to start mining cryptocurrencies. The JavaScript code is downloaded from external sites that the group controls and contains the mining pool. Radware observed that in the last several days the group was trying to mine three different coins (Monero, Bytecoin, and Electroneum) that are all based on the “CryptoNight” algorithm that allows mining via any CPU,” the report notes.

You can read the complete data here.

Cybersecurity experts are continually advising users to be up to date with the latest version of antivirus and antimalware software to enhance the computers’ security and stay protected against cybercriminals.



Source link

Comments (No)

Leave a Reply