Cyber security company Varonis has announced the discovery of a new Norman miner virus, which hides its presence from the task list.
The report says that Norman was accidentally discovered during an audit of the company that was attacked. The main feature of the miner virus is that when you open the task manager in Windows, the program finishes the mining process, so that the user does not realize that his computer has been infected. After the task manager closes, cryptocurrency mining starts again.
Note that Norman is mining the Monero cryptocurrency using the popular miner XMRig. The virus is written in the .NET programming language and has been obfuscated using Agile. For installation, the solution is used to create the Nullsoft Scriptable Install System installation packages, and the svchost system process is used to launch the virus itself. Interestingly, the virus also communicates with a remote server using PHP code.
After a deep analysis of the virus, the researchers concluded that Norman’s country of origin is France or any other French-speaking country, since phrases in French were found in the code.
Recall that in mid-June, Trend Micro announced the discovery of an entire botnet of the hacker group Outlaw, which distributes the mining component Monero.
Related posts:
Why do cryptocurrency Exist – Institutions 
Bitcoin and independent property rights 
NASDAQ on market manipulation: Everyone is now talking about regulating bitcoin and cryptocurrency 
Pilot Porsche on Ethereum blockchain to trace provenance materials 
Xfers from Singapore is going to use blockchain Zilliqa 
Make your own tokens with the Guarda wallet
