Linux Cryptominer Uses Virtual Machines to Attack Windows, macOS

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/linux-cryptominer-uses-virtual-machines-to-attack-windows-macos/

A new cryptocurrency mining malware dubbed LoudMiner uses virtualization software to deploy a Linux XMRig coinminer variant on Windows and macOS systems via a Tiny Core Linux virtual machine.

The malware comes bundled within cracked copies Windows and macOS VST software such as Propellerhead Reason, Ableton Live, Sylenth1, Nexus, Reaktor, and AutoTune.

LoudMiner is distributed via an attacker-controlled website which currently links to 137 VST-related apps, 42 of them for Windows and 95 for the macOS platform, all of them frequently updated and hosted on 29 servers, as discovered by ESET Research's detection engineer Michal Malik.

LoudMiner: Cross-platform mining in cracked VST software

ESET researchers have uncovered an unusual miner that comes bundled with pirated copies of VST audio software and mines cryptocurrency on virtual machines.

www.welivesecurity.com