Some researchers were able to examine WAV audio files and uncover malicious code that hackers supposedly use to mine cryptocurrencies on Oct. 16.
The researchers who discovered the malware come from a software company that usually develops antivirus programs. Reportedly, the WAV audio files hid malicious code that mines the cryptocurrency Monero.
Hackers were able to run this kind of malware campaign through steganography, the practice of concealing data (here, malware code) inside ordinary-looking files.
The WAV files carried code that established remote access to victim machines and deployed malware that generates financial revenue.
“When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (white noise),” the report reads.
Among attackers, crypto miners are a kind of malware payload popularly known for carrying out cryptojacking. In this form of attack, the malware carries out its operations in the background, unknown to the user.
Malicious WAV files found on the victim’s device deploy CPU miners, enabling hackers to steal processing resources, mine the cryptocurrency, and generate thousands of dollars monthly.
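For defenders, the WAV files that "simply generated static" are the easier case to triage, because audio data that is statistically indistinguishable from random bytes is unusual for real recordings. The following is an added example, not code from the report or the researchers: it walks the RIFF chunks of a WAV file and measures the byte entropy of the `data` chunk. The 7.9 bits-per-byte threshold, the function names and both sample files are assumptions constructed for illustration.

```python
import math, random, struct
from collections import Counter

def riff_chunks(blob):
    """Yield (chunk_id, payload) for every chunk in a RIFF/WAVE byte string."""
    if len(blob) < 12 or blob[:4] != b"RIFF" or blob[8:12] != b"WAVE":
        raise ValueError("not a RIFF/WAVE file")
    pos = 12
    while pos + 8 <= len(blob):
        cid, size = struct.unpack_from("<4sI", blob, pos)
        yield cid, blob[pos + 8:pos + 8 + size]
        pos += 8 + size + (size & 1)  # chunks are padded to an even length

def byte_entropy(data):
    """Shannon entropy in bits per byte; 8.0 means uniformly random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage_wav(blob, threshold=7.9):
    """Flag a WAV whose audio payload is statistically close to random bytes."""
    for cid, payload in riff_chunks(blob):
        if cid == b"data":
            h = byte_entropy(payload)
            return {"bytes": len(payload), "entropy": h, "noise_like": h >= threshold}
    raise ValueError("no data chunk found")

def make_wav(pcm, rate=8000):
    """Build a minimal mono 16-bit PCM WAV around raw sample bytes (sample helper)."""
    fmt = struct.pack("<4sIHHIIHH", b"fmt ", 16, 1, 1, rate, rate * 2, 2, 16)
    data = struct.pack("<4sI", b"data", len(pcm)) + pcm
    return struct.pack("<4sI4s", b"RIFF", 4 + len(fmt) + len(data), b"WAVE") + fmt + data

# Constructed samples: one second of a quiet 440 Hz tone, and the same amount
# of seeded pseudo-random bytes standing in for an encoded payload.
TONE_WAV = make_wav(b"".join(
    struct.pack("<h", int(3000 * math.sin(2 * math.pi * 440 * i / 8000)))
    for i in range(8000)))
rng = random.Random(0)
NOISE_WAV = make_wav(bytes(rng.getrandbits(8) for _ in range(16000)))

if __name__ == "__main__":
    for name, blob in (("tone", TONE_WAV), ("noise", NOISE_WAV)):
        print(name, triage_wav(blob))
```

A file that plays clean music, like the others the report describes, will not trip this check, so the result is a triage signal to combine with other telemetry rather than a verdict.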
Popular hacker groups
According to a previous report, the Lazarus APT Group (the notorious North Korean hackers) had created another kind of malware that evidently hides behind a fake cryptocurrency firm to target Apple Macs.
VirusTotal’s engines could not detect the malware at the time researchers gave their warning. Back in summer 2018, Kaspersky Labs identified a Mac malware strain that closely resembles the sample that appeared.
Another threat group, the Russian-backed Turla (aka Venomous Bear or Waterbug), was spotted in June by Symantec researchers. The group supposedly injected victims’ compromised computers with a WAV track that had a Metasploit Meterpreter backdoor embedded in it.