New WebCobra Cryptojacking Malware Uses Platform Specific Miners

WebCobra, a new Russian cryptojacking malware, has been discovered by McAfee Labs' researchers and observed while infecting and using architecture-based miners for x86 and x64 machines.

"Recently we examined the Russian application WebCobra, which silently drops and installs the Cryptonight miner or Claymore’s Zcash miner, depending on the architecture WebCobra finds," said McAfee Labs.

While McAfee Labs was not able to pinpoint the way WebCobra is spreading, they believe that there is a very high chance the cryptojacker uses rogue PUP installers as the means of infiltration and main droppers.

Moreover, WebCobra was observed on infected computing systems from Brazil, South Africa, and the United States, and using a unique infection technique consisting of dropping different miner payloads on x86 and x64 architectures.

To be more exact, whe... (read more)

No comments:

Post a Comment