Connect with us

Hi, what are you looking for?

News

SA experts stop bitcoin virus

Bitcoin virus

Bitcoin-mining virus stopped: White hat ethical hacker William Vermaak, from PBSA’s digital arm pbDigital, and senior software developer Morne Wilken, detected malicious activity on one of their customer’s servers last week. The two immediately analysed the source of the virus and uninfected the server.

According to Vermaak, the virus had gone undetected by all available virus packages.

“We submitted samples to ESET the next day and [the company] immediately responded from its virus lab in Denmark, confirming the virus was wild and that detection for the threat had been added to its latest definition updates.”

By the time of detection, the virus had already infected 0,04% of Windows computers in South Africa. Russia was hardest hit, with 0,5% of all Windows computers infected.

Essentially a Bitcoin-mining virus, the Winlog Virus downloads a Bitcoin CPU miner on the victim’s computer, and then mines Bitcoins for the virus originator.

Vermaak says this type of virus is particularly evasive. “It tries to make itself resilient and configures various system schedules to start it again if it’s stopped. The virus will also install itself on the system as a system service.

“The virus infiltrates the System Registry and changes some keys to make itself run again if it’s shut down. Shortcuts on the victims’s Desktop are modified to run the virus and these then run the original program, in an attempt to mask it’s presence. The virus also copies itself into various other files on the system — including Microsoft.exe — to try ensure resilience.”

Almost three months ago, Russian president Vladimir Putin’s Internet advisor, Herman Klimenko, issued a dire public warning that 20% to 30% of all computers in Russia were infected with computer malware designed to turn devices into Bitcoin-mining machines.

At the time, Klimenko told Moscow-based news broadcaster RBC that viruses that install bitcoin-mining software are the “most common and most dangerous” type of computer malware in existence.

Published by IT-Online on 17 October 2017:

You May Also Like

Electronic Signatures

The automotive industry demands efficiency and accuracy to ensure a smooth process. With the rise of digital transformation, more automotive businesses are turning to...

Electronic Signatures

Workflow automation is the process of using technology to streamline and automate repetitive tasks and complex processes, minimising the need for manual effort. With...

Electronic Signatures

SigniFlow Electronic Signatures in Papua New Guinea provide businesses and individuals with a secure, legally compliant way to sign documents electronically. The advanced features...

Newsletter

NEWS FROM SIGNIFLOW Welcome to the May newsletter In this edition, we will focus on the education sector and all the new and exciting...

Electronic Signatures

NEWS FROM SIGNIFLOW Welcome to our June newsletter! This month is packed with exciting updates and innovations from SigniFlow. We’re thrilled to announce our...

Electronic Signatures

In the world of logistics, where efficiency and precision are key, managing documents effectively is crucial. The logistics sector faces many challenges, from ensuring...

Electronic Signatures

The legality of electronic signatures in Ghana has become increasingly important in recent years as the country embraces digital transformation. As businesses and individuals...

Electronic Signatures

In the dynamic landscape of modern business, efficiency isn’t just a buzzword; it’s the heartbeat of success. That’s why we’re thrilled to announce the...

Electronic Signatures

With Digital Signing Services (DSS), you can generate large volumes of trusted digital signatures or digital seals for your organisation, application, or individuals using...

Electronic Signatures

SigniFlow Electronic Signatures in Ghana are revolutionising the way businesses and individuals handle document signing and approval processes. With the increasing adoption of digital...

Copyright © 2023 - SIGNIFLOW© SOFTWARE
Disclaimer: The information in this BLOG is provided for general informational purposes only and is the opinion of the author only. No information contained in this blog should be construed as legal advice from SigniFlow or the individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this blog should act or refrain from acting on the basis of any information included in, or accessible through, this blog without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.