Yesterday, ESET, the information security company that produces the antivirus of the same name, revealed that it had discovered LoudMiner, a new piece of malware that mines Monero (XMR).
The malware uses virtualisation software, QEMU (Quick Emulator), present on both Mac and Windows systems, to mine the cryptocurrency inside a virtual machine running on the local system. It is spread through pirated copies of audio software plug-ins that interface via VST (Virtual Studio Technology), and it auto-updates using an SCP (Secure File Copy) system with a username and SSH key.
This represents a new form of crypto mining, as stated by the ESET researcher, Marc-Etienne M. Léveillé:
“LoudMiner targets audio applications, given the machines running these applications often have a higher processing power. These applications are typically complex and have a high CPU consumption, so users will not find this activity unusual. Using virtual machines instead of another leaner solution is quite remarkable, and is not something we have typically seen before.”
This new malware, first detected in August last year, comes in at least 4 different versions, and it can be completely removed only by resetting the operating system.
At the moment it is not known how much damage it has caused or how many Monero have been mined, but it is clear that once again Monero (XMR) remains the preferred cryptocurrency for this type of illegal activity.