The latest report by cyber-security firm, Varonis finds that a new cryptojacking virus, Norman is targeting Monero cryptocurrency. The finding made public on August 14, hinting that it will mostly affect a mid-size company.
New Monero Mining Malware Detected
Monero is famously named as the “privacy-centric” cryptocurrency – however, the research on August 14 reveals that the Norman aims to mine CPU_centric coins like XMR/Monero and evade detection.
Norman is the new cryptojacking virus that will supposedly use the computing power of the user’s computers to mine cryptocurrencies. The case of Norman particularly highlights Monero (XMR) as it is based on XMRig and report described it as the “high-performance mining algorithm for Monero cryptocurrency”.
The research firm outlines that;
“Almost every server and workstation was infected with malware. Most were generic variants of crypto miners. Some were password dumping tools, some were hidden PHP shells, and some had been present for several years,”
It states that the malware closes crypto mining as soon as the user opens up the task Manager whereas it will re-launch the mining process again once the Task Manager closes. The Research noted;
“Norman employs evasion techniques to hide from analysis and avoid discovery,”
It’s worth mentioning that Monero is much likely a favorite cryptocurrency for hackers and attackers as crypto space witnessed several malware incidents for XMR earlier.
However, the security firm suspects that it has french variables in the code and accordingly notes this malware is likely derived from a country of French speakers. According to the researchers at Varonis, Norman is based on the PHP programming language. It went on adding;
“The malware may have originated from France or another French-speaking country: the SFX file had comments in French, which indicate that the author used a French version of WinRAR to create the file,”
Up until August 14, Norman attack almost every workstation and server at one “mid-size company.” Researcher indicates that the strain of Norman executes Monero mining in three steps, execution, injection and then crypto mining.
Disclaimer: The presented information is subjected to market condition and may include the very own opinion of the author. Please do your ‘very own’ market research before making any investment in cryptocurrencies. Neither the writer nor the publication (TronWeekly.com) holds any responsibility for your financial loss.