Malicious Code in WAV Files Helping Hackers to Mine Monero – BlockPublisher

The crypto community needs to stay vigilant: threat researchers have recently discovered a new campaign in which cybercriminals embed malicious code in WAV audio files and use it to mine cryptocurrencies.

Security breaches are one of the major problems that continue to plague the budding crypto and blockchain industry. The most troubling part about breaches is that they open a Pandora’s box of cyberattacks, which come in many forms, such as ransomware attacks and crypto-jacking incidents, among others.

Researchers at BlackBerry Cylance, a software company dedicated to developing antivirus programs, discovered the newest malware threat, according to reports on October 16th. The research revealed that cybercriminals are employing a method called steganography, whereby they hide malware inside WAV audio files, concealing it in plain sight. The report added:

“Each WAV file was coupled with a loader component for decoding and executing malicious content secretly woven throughout the file’s audio data.”

The firm's analysis found that the malicious audio files were being delivered to unsuspecting victims via targeted phishing emails. The report read:

“When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (white noise).”

In reality, however, the audio files, once downloaded onto a system, act as a vector for distributing the embedded malicious code. The code then gives the hackers access to the targeted device, and they deploy CPU miners onto it, right under the victim’s nose.

Once the CPU miners have been deployed successfully, they steal processing resources and generate thousands of dollars per month from mining. The analysis further revealed that some of the WAV files contain code associated with the XMRig Monero CPU miner, which means that the malicious code stealthily abuses the infected system to mine Monero.
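The static-only WAV files described in the report suggest one triage check a defender can run, shown here as an added Python example that is not from the article or the BlackBerry Cylance report: measure the byte entropy of the audio data and flag files that are statistically close to random bytes. The 7.9 bits-per-byte threshold, the function names and the sample inputs are assumptions, and files that still play as clean music are not caught by this check.

```python
import io
import math
import os
import struct
import wave
from collections import Counter

NOISE_THRESHOLD = 7.9  # assumed cut-off in bits per byte; tune on your own audio

def byte_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def wav_audio_bytes(blob: bytes) -> bytes:
    """Return only the sample data of a WAV file, skipping the headers."""
    with wave.open(io.BytesIO(blob), "rb") as w:
        return w.readframes(w.getnframes())

def looks_like_noise(blob: bytes) -> bool:
    """True when the audio data is near-random: a reason to inspect the file
    and whatever process opened it, not proof of a hidden payload."""
    return byte_entropy(wav_audio_bytes(blob)) >= NOISE_THRESHOLD

# --- constructed sample inputs (not real campaign files) ---
def make_wav(frames: bytes, rate: int = 44100) -> bytes:
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)  # 16-bit PCM
        w.setframerate(rate)
        w.writeframes(frames)
    return buf.getvalue()

def quiet_tone(rate: int = 44100) -> bytes:
    """One second of a 440 Hz sine at low amplitude, standing in for music."""
    return b"".join(struct.pack("<h", int(3000 * math.sin(2 * math.pi * 440 * i / rate)))
                    for i in range(rate))

if __name__ == "__main__":
    samples = {"tone.wav": make_wav(quiet_tone()),
               "static.wav": make_wav(os.urandom(88200))}  # random bytes as "static"
    for name, blob in samples.items():
        h = byte_entropy(wav_audio_bytes(blob))
        print(f"{name}: {h:.3f} bits/byte, noise-like={looks_like_noise(blob)}")
```

Loud, dense recordings can also score high, so a hit is best treated as a prompt to look at the file's source and any loader that read it.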

This code, in particular, is rather dangerous given the sophisticated techniques that have been employed to render it undetectable. The research report concluded that these concealment strategies have made the detection process challenging.

The fact that threat actors have adopted such a complex obfuscation mechanism highlights the evolution of malicious tactics. And as the tactics evolve, so should the security infrastructure to successfully tackle such threats.

Earlier this year, the well-known cybersecurity company McAfee released its threat report for August 2019, which showed a significant increase in crypto-jacking campaigns and ransomware attacks. Considering the recent threat, things do not seem to be getting any better for the crypto ecosystem.
