Dubbed Linux.BtcMine.174, this new malware is built to mine the Monero cryptocurrency. It also contains over 1,000 lines of code that disable running services, hide files, and even steal user passwords.
Cutting-edge Linux Malware Enables Cryptocurrency Mining and User Credential Theft
To gain root access to the system, the malicious code attempts to move itself to a writable directory and then escalates its own privileges to root using known exploits. The malware also adds itself to the autorun list and installs itself as a rootkit.
After completing these steps, Linux.BtcMine.174 tries to thwart other software capable of cryptocurrency mining, halts services, deletes related files (many of which belong to antivirus software), and begins mining Monero. The rootkit can even steal the passwords that users enter for the su command.
The malware also looks for other systems to infect by scanning all servers that the system has connected to via SSH and then connecting to them.
As of now, there is no solution to limit or prevent Linux.BtcMine.174. Users are advised to scan for viruses and rootkits on Linux with antivirus software, such as Dr.Web, to check whether their devices are infected.
To download and install Dr.Web on your machine, visit here: Download Dr.Web
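Two of the behaviours described above, running from a writable directory and adding itself to autorun, can also be checked by hand on a suspect host. The script below is an added example, not code from Dr.Web or from the original article; the directory list, the autorun locations and all function names are assumptions.

```python
import glob
import os
import re

# Assumptions (the article names neither): world-writable dirs, common autorun files.
WRITABLE_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")
AUTORUN_GLOBS = ("/etc/rc.local", "/etc/crontab", "/etc/cron.*/*", "/var/spool/cron/*")
LAUNCH = re.compile(r"(?<![\w.])(?:/tmp|/var/tmp|/dev/shm)/\S+")


def suspicious_exe(path):
    """Return why an executable path looks out of place, or None."""
    if path.endswith(" (deleted)"):
        return "binary deleted while running"
    if path.startswith(WRITABLE_DIRS):
        return "running from a world-writable directory"
    return None


def scan_processes(proc_root="/proc"):
    """List (pid, exe, reason) for processes matching suspicious_exe."""
    findings = []
    for pid in sorted(filter(str.isdigit, os.listdir(proc_root)), key=int):
        try:
            exe = os.readlink(os.path.join(proc_root, pid, "exe"))
        except OSError:  # kernel thread, exited process or no permission
            continue
        reason = suspicious_exe(exe)
        if reason:
            findings.append((int(pid), exe, reason))
    return findings


def scan_autorun_text(name, text):
    """List (file, line number, line) for lines launching from a writable dir."""
    return [(name, n, line.strip()) for n, line in enumerate(text.splitlines(), 1)
            if not line.lstrip().startswith("#") and LAUNCH.search(line)]


def scan_autorun_files(patterns=AUTORUN_GLOBS):
    """Run scan_autorun_text over every readable file matching the patterns."""
    hits = []
    for name in sorted(n for p in patterns for n in glob.glob(p)):
        try:
            with open(name, errors="replace") as fh:
                hits += scan_autorun_text(name, fh.read())
        except OSError:  # directory or unreadable file
            continue
    return hits
```

Run `scan_processes()` and `scan_autorun_files()` as root. A deleted-binary hit also appears after ordinary package upgrades, and a rootkit can hide processes from /proc, so an empty result does not clear a host.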
