Author Topic: New Cryptominer Takes New Steps to Avoid Detection  (Read 458 times)

Online CMDL_GUY

  • Administrator
  • Location: Mt. Sidney Virginia
  • Posts: 8183
    • www.lscg.net
New Cryptominer Takes New Steps to Avoid Detection
« on: August 20, 2019, 09:47:17 AM »
https://techtalk.pcpitstop.com


New Malicious Software Doesn’t Want to Be Seen

A new malware variant used to mine for cryptocurrency, identified as Norman, takes a unique approach to avoid detection. Cryptominers are malicious software that hackers use to occupy the CPU of devices, often rendering them utterly useless. Unfortunately, many traditional antivirus solutions will not stop them, and they are difficult to detect. The most effective way to identify if your device is being used for cryptomining is to check the CPU use through Task Manager. That is, unless you’re a victim of Norman.

The creators of Norman have designed the malware to terminate once Task Manager is accessed. Therefore, when users are checking their CPU use, it will not show the malicious software that is occupying the device. Then, once Task Manager is closed, Norman goes back to work.

The best way to avoid falling victim to cryptomining is to deploy a security solution that implements application whitelisting. Using an application whitelist will only permit known, trusted programs to execute.
"Government is not reason; it is not eloquent; it is force. Like fire, it is a dangerous servant and a fearful master." - George Washington

“Remember democracy never lasts long. It soon wastes, exhausts, and murders itself. There never was a democracy yet, that did not commit suicide.”   -John Adams

K4LRM

www.lscg.net

Faster horses, younger women, older whiskey, more money.
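
Added example, not part of the original post or the quoted article: a process that exits whenever Task Manager opens and returns when it closes still leaves start/stop records in process auditing logs, so the pattern can be found after the fact. The event tuples, the `miner_sample.exe` name and the `find_monitor_evaders` helper below are constructed assumptions for illustration, not indicators for Norman.

```python
from collections import defaultdict

MONITOR = "taskmgr.exe"  # Task Manager image name

# Constructed sample events (not from the article): (seconds, action, image).
# "miner_sample.exe" is a hypothetical name, not an indicator for Norman.
EVENTS = [
    (0, "start", "svchost.exe"),
    (5, "start", "miner_sample.exe"),
    (100, "start", "taskmgr.exe"),
    (101, "stop", "miner_sample.exe"),   # exits right after Task Manager opens
    (160, "stop", "taskmgr.exe"),
    (162, "start", "miner_sample.exe"),  # returns right after it closes
    (300, "start", "taskmgr.exe"),
    (301, "stop", "miner_sample.exe"),
    (302, "stop", "notepad.exe"),        # one-off coincidence, never relaunches
    (330, "stop", "taskmgr.exe"),
    (333, "start", "miner_sample.exe"),
]


def find_monitor_evaders(events, window=5, min_cycles=2):
    """Map image -> number of hide/relaunch cycles around Task Manager sessions.

    A cycle is: the process exits within `window` seconds of Task Manager
    starting, then starts again within `window` seconds of it closing.
    """
    cycles = defaultdict(int)
    monitor_start = monitor_stop = None
    hid, pending = set(), set()
    for ts, action, image in sorted(events):
        image = image.lower()
        if image == MONITOR:
            if action == "start":
                monitor_start, hid = ts, set()
            elif monitor_start is not None:
                # Session over: whoever hid during it is now awaited back.
                monitor_stop, pending, monitor_start = ts, hid, None
        elif action == "stop":
            if monitor_start is not None and ts - monitor_start <= window:
                hid.add(image)
        elif action == "start" and image in pending and ts - monitor_stop <= window:
            cycles[image] += 1
            pending.discard(image)
    return {img: n for img, n in cycles.items() if n >= min_cycles}


if __name__ == "__main__":
    print(find_monitor_evaders(EVENTS))
```

Requiring at least two full cycles keeps a single coincidental exit, like the constructed `notepad.exe` event, from being flagged.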

Online Keighlar

  • Moderator
  • Location: New Hampshire
  • Posts: 1605
Re: New Cryptominer Takes New Steps to Avoid Detection
« Reply #1 on: August 20, 2019, 06:56:01 PM »
I wonder if Process Lasso sees it.
“You know you’re in love when you can’t fall asleep because reality is finally better than your dreams.”
Dr Seuss

Online MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4634
Re: New Cryptominer Takes New Steps to Avoid Detection
« Reply #2 on: August 20, 2019, 09:16:34 PM »
Quote from Keighlar: I wonder if Process Lasso sees it.

Well it's on PC Pitstop's site, Supershield won't let it run.
-I'm only here because my flux capacitor is broken.