CyberSecurity news
Sunny Yadav@eSecurity Planet
A large-scale cryptocurrency miner campaign is currently targeting Russian users, employing the SilentCryptoMiner malware. The malware disguises itself as a legitimate tool designed to bypass internet restrictions, enticing users to download and install it. This campaign has already affected over 2,000 Russian users, who were tricked into downloading fake VPN and DPI bypass tools.
The attackers are distributing the malware through popular YouTube channels, some with over 60,000 subscribers. The malicious files are presented as safe tools, but the archive actually contains a Python-based loader that retrieves the miner payload. To reinforce the deception, the attackers instruct victims to disable their antivirus programs, falsely claiming that these programs trigger false positives. This leaves the victims' systems exposed to persistent, hidden threats.
References:
- securityaffairs.com: Large-scale cryptocurrency miner campaign targets Russian users with SilentCryptoMiner
- thehackernews.com: SilentCryptoMiner infects 2,000 Russian users via fake VPN and DPI Bypass Tools
- eSecurity Planet: SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN Tools
Classification:
- HashTags: #Cryptominer #Malware #Russia
- Company: Kaspersky
- Target: Russian Users
- Attacker: SilentCryptoMiner
- Product: VPN bypass tools
- Feature: Cryptocurrency Mining
- Malware: SilentCryptoMiner
- Type: Malware
- Severity: Medium