Connect with us

Hi, what are you looking for?

News

SA experts stop bitcoin virus

Bitcoin virus

Bitcoin-mining virus stopped: White hat ethical hacker William Vermaak, from PBSA’s digital arm pbDigital, and senior software developer Morne Wilken, detected malicious activity on one of their customer’s servers last week. The two immediately analysed the source of the virus and uninfected the server.

According to Vermaak, the virus had gone undetected by all available virus packages.

“We submitted samples to ESET the next day and [the company] immediately responded from its virus lab in Denmark, confirming the virus was wild and that detection for the threat had been added to its latest definition updates.”

By the time of detection, the virus had already infected 0,04% of Windows computers in South Africa. Russia was hardest hit, with 0,5% of all Windows computers infected.

Essentially a Bitcoin-mining virus, the Winlog Virus downloads a Bitcoin CPU miner on the victim’s computer, and then mines Bitcoins for the virus originator.

Vermaak says this type of virus is particularly evasive. “It tries to make itself resilient and configures various system schedules to start it again if it’s stopped. The virus will also install itself on the system as a system service.

“The virus infiltrates the System Registry and changes some keys to make itself run again if it’s shut down. Shortcuts on the victims’s Desktop are modified to run the virus and these then run the original program, in an attempt to mask it’s presence. The virus also copies itself into various other files on the system — including Microsoft.exe — to try ensure resilience.”

Almost three months ago, Russian president Vladimir Putin’s Internet advisor, Herman Klimenko, issued a dire public warning that 20% to 30% of all computers in Russia were infected with computer malware designed to turn devices into Bitcoin-mining machines.

At the time, Klimenko told Moscow-based news broadcaster RBC that viruses that install bitcoin-mining software are the “most common and most dangerous” type of computer malware in existence.

Published by IT-Online on 17 October 2017:

You May Also Like

Electronic Signatures

eSignatures are no longer a luxury for regulated industries – they’re a compliance requirement. But the question remains: How do you adopt secure eSignatures...

Electronic Signatures

Can I host my eSignature platform fully on-premises? Yes, and for many institutions across Europe, UK, Latin America, , South Africa, Asia, and the...

Electronic Signatures

In a remote-first world, IT Managers are expected to deliver seamless, secure, and legally compliant solutions across borders. One key question they face is:...

Electronic Signatures

Global eSignature platforms have reshaped the way organisations manage digital workflows — but for regulated industries, regional data residency remains essential. Whether you’re operating...

Electronic Signatures

Understanding the difference between digital and electronic signatures is crucial for businesses navigating today’s digital landscape. The difference between digital and electronic signatures lies...

Electronic Signatures

Administration is the beating heart of education, but when a private school is drowning in paperwork, it can’t function efficiently. Just ask Thandi, the...

Electronic Signatures

For IT Managers, enabling secure and efficient eSign workflows across distributed teams is non-negotiable. As remote work continues to rise, finding the right eSign...

Electronic Signatures

A document audit log is a crucial tool for maintaining the integrity and security of digital documents. By tracking every action taken on a...

Electronic Signatures

Businesses move fast, and signing agreements on paper slows things down. That’s why many ask: Are digital signatures legally binding for digital contracts? Whether...

Electronic Signatures

Why do you need to sign documents online?  Paper-based processes slow you down. Printing, signing, scanning, and emailing documents isn’t just time-consuming—it creates delays,...

Copyright © 2023 - SIGNIFLOW© SOFTWARE
Disclaimer: The information in this BLOG is provided for general informational purposes only and is the opinion of the author only. No information contained in this blog should be construed as legal advice from SigniFlow or the individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this blog should act or refrain from acting on the basis of any information included in, or accessible through, this blog without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.