Home » New Linux Malware Mines Cryptocurrencies Without Users Noticing

New Linux Malware Mines Cryptocurrencies Without Users Noticing


Recently, two threat analysts found a new Linux malware that keeps their cryptocurrency mining operations hidden on the affected computers.

In a publication made on September 16 in the security intelligence blog Trend Micro, Augusto Remiliano II and Jakub Urbanec reported the discovery of this new malware that affects Linux operating system. According to both analysts, this malware can be noticed due to the way it loads malicious kernel modules to hide its cryptocurrency mining operations.

This malware, called Skidmap, masks its cryptocurrency mining through a rootkit, which is a program that installs and executes code on a system without end user’s knowledge or consent. In this way, malware components cannot be detected by the infected system monitoring tools.

Skidmap not only executes a cryptojacking campaign on the infected machine, but also gives attackers unrestricted access to the affected system.

According to Remiliano II and Urbanec, Skidmap also establishes a way to gain access to the machine, replacing the pam_unix.so file of the system with its own malicious version. This malicious file accepts a specific password for any user, which allows attackers to log in as if it were any other user on the infected machine.

It should be noted that cryptojacking campaigns and ransomware attacks have been increasing during the current year. According to a threat report published in August by cybersecurity company McAfee Labs, cryptojacking campaigns have increased by up to 29%.

Source: https://cointelegraph.com/news/new-linux-malware-mines-crypto-while-remaining-undetectable

About the author

Jhon Fernando

Jhon Fernando

Internet marketing and cripto currency journalist / writer. He has a degree in Linguistics from Universidad de Los Andes, in Venezuela. Passionate about digital marketing, with knowledge in topics related to technology and web positioning.

Add Comment

Click here to post a comment

The following GDPR rules must be read and accepted:
This form collects your name, email and content so that we can keep track of the comments placed on the website. For more info check our privacy policy where you will get more info on where, how and why we store your data.