Illegal torrenting identified as source for new Monero (XMR) malware
Avast Antivirus (AA) has turned up a newly discovered Monero mining malware, which they call “Crackonosh.”
Crackonosh is distributed as a trojan with cracked software. It searches for and disables many popular antivirus programs as part of its anti-detection and anti-forensics tactics.
Monero is said to be the top choice for cybercriminals looking to hijack computing resources to mine cryptocurrencies. One report claims Monero mining malware is responsible for more than 4% of XMR in circulation.
With piracy on the rise in 2021, this is an issue that will only gather steam going forward.
Crackonosh nets hackers $2 million in Monero
According to AA, the Crackonosh malware is hidden in torrent files of popular games, including NBA 2K19, Grand Theft Auto V, Far Cry 5, and The Sims 4.
Users expose themselves by visiting torrent sites to download and install the games. Following installation, Crackonosh secretly uses the computer’s processing power to mine Monero for the hackers.
So far, it has netted hackers 9,000 XMR, which is valued at just under $2 million at the current price.
“The main target of Crackonosh was the installation of the coinminer XMRig, from all the wallets we found, there was one where we were able to find statistics. The pool sites showed payments of 9000 XMR in total, that is with today prices over $2,000,000 USD.”
Avast researcher Daniel Benes warned that infected users might experience a noticeable slow down in computer performance or even higher than normal electricity bills.
He estimates that 220,000 users have been infected worldwide, with Brazil, India, the U.S., and the Philippines identified as Crackonosh hotspots. Up to 800 devices daily are being infected.
But Benes said the figures are likely much higher as his data only accounts for devices with Avast Antivirus installed. He added that the problem would persist as long as people continue pirating.
“As long as people continue to download cracked software, attacks like these will continue to be profitable for attackers.The key take-away from this is that you really can’t get something for nothing and when you try to steal software, odds are someone is trying to steal from you.”
Piracy stats are mind-blowing
Data compiled on piracy statistics show over 50% of recorded visits go to streaming sites, with torrent and direct download portals also popular choices for users looking for free content.
The figures reveal a staggering effect on global losses and internet bandwidth.
“Annual global revenue losses from digital piracy are between $40 and $97.1 billion in the movie industry.Illegal downloading of copyrighted materials takes up 24% of the global bandwidth.”
It’s estimated that users who download pirated material are 28 times more likely to get malware infections.
The low cost and high returns for cryptocurrency malware make it an attractive proposition for hackers.
What’s more, researchers note malicious crypto-mining is a growing threat that faces little opposition.Source