Hackers hide Malicious Code and Cryptominers in WAV Audio Files for Mining Crypto

On Oct. 16, researchers examining WAV audio files uncovered malicious code that hackers supposedly use to mine cryptocurrencies.

The researchers who discovered the malware work for a software company that usually develops antivirus programs. Reportedly, the WAV audio files hid malicious code that mines the cryptocurrency Monero.

Hackers were able to run this kind of malware campaign through steganography (the practice of concealing data, here malicious code, inside ordinary-looking files).

The WAV files carried code that established remote access to victim machines and deployed malware that generates financial revenue.

“When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (white noise),” the report reads.

Among attackers, crypto miners are a popular kind of malware payload used to carry out cryptojacking. In this form of attack, the malware runs in the background without the user's knowledge.

Malicious WAV files on a victim’s device deploy CPU miners, enabling hackers to steal processing resources, mine cryptocurrency, and generate thousands of dollars monthly.


Popular hacker groups

According to a previous report, the Lazarus APT Group (the notorious North Korean hackers) had created another kind of malware that evidently hid behind a fake cryptocurrency firm to target Apple Macs.

VirusTotal’s engines could not detect the malware at the time researchers gave their warning. Back in summer 2018, Kaspersky Labs identified a Mac malware strain that closely resembles the sample that appeared.

Another threat group, the Russian-backed Turla (aka Venomous Bear or Waterbug), was spotted in June by Symantec researchers. The group supposedly delivered a WAV track embedded with a Metasploit Meterpreter backdoor to victims' compromised computers.

Sources: https://cointelegraph.com/news/hackers-use-malicious-code-in-wav-audio-files-to-mine-cryptocurrencies
https://threatvector.cylance.com/en_us/home/malicious-payloads-hiding-beneath-the-wav.html

About the author

James Lovett

James is a passionate writer on the cryptocurrency industry and other disruptive technologies in the crypto world. He has written several crypto articles for numerous websites and blogs over the years.
