Researchers Uncover Threat of Unusual Virtual Machine Crypto Mining

Cybersecurity firm ESET has detected what it describes as an unusual and persistent cryocurrency miner distributed for macOS and Windows since August 2018. The news was revealed in a report from ESET Research published on June 20. According to ESET, the new malware, dubbed LoudMiner, uses virtualization software VirtualBox on Windows and QEMU on macOS to mine crypto on a Tiny Core Linux virtual machine, thus having the potential to infect computers across multiple operating systems. The miner itself reportedly uses XMRig an open-source software used for miningprivacy-focused altcoin monero (XMR) and a mining pool, thereby purportedly thwarting researchers attempts to retrace transactions.The research revealed that for both macOS and windows, the miner operates within pirated applications, which are bundled together with virtualization software, a Linux image and additional files.Upon download, LoudMiner is installed before the desired software itself, but conceals itself and only becomes persistent after reboot.