
Chrome Malware Alert: Malicious Digmine cryptocurrency-mining code spreading via Facebook Messenger

August 5, 2020 by Martin6



With cryptocurrency values on the rise, cyber criminals have devised several methods to dupe unwitting internet users, and now hackers have reportedly infected Facebook Messenger with malicious code for remote cryptocurrency mining.

Trend Micro's intelligence team has discovered a nefarious cryptocurrency-mining bot dubbed Digmine, which is spreading through Facebook Messenger. First discovered in South Korea, it is steadily spreading across the world, including Vietnam, Azerbaijan, Ukraine, Philippines, Thailand, and Venezuela.

As per the report, although Facebook Messenger works across different platforms, Digmine only affects the desktop/web browser (Chrome) version. Thankfully, if the file is opened on other platforms (e.g., mobile), the malware will not work as intended.

How does Digmine infect computers?

Digmine malware is sent to victims posing as a harmless video file, but in reality, it is an AutoIt executable script.

If the user's Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account's friends and spread, Trend Micro claims.

For now, the abuse of Facebook's auto-login feature in the Chrome browser is limited to propagating Digmine, but it won't be a surprise if the cyber criminals hijack the whole social media account in the near future.

Digmine can also be updated with newer code, which it retrieves from a remote command-and-control (C&C) server.

[Image: Digmine attack chain]

A known modus operandi of Digmine is to spread to as many systems as possible: the higher the combined hash rate, the more income the operators get.

[Note: Hash rate is the speed at which a computer is completing an operation in the Bitcoin code. A higher hash rate is better when mining as it increases your opportunity of finding the next block and receiving the reward.]

The hackers are specifically mining Monero, an alternative digital currency to Bitcoin, which, once gained, is said to be secure, private and untraceable.

Monero is a Proof of Work cryptocurrency that can be mined with computational power from a CPU or GPU. As per Cryptocompare, mining metrics are calculated based on a network hash rate of 496 MH/s and an XMR-USD exchange rate of 1 XMR = $341.06. These figures vary based on the total network hash rate and on the XMR to USD conversion rate. Block reward is fixed at 5.77378715772 XMR.

Digmine Indicators of Compromise (IoCs):

Hash detected as TROJ_DIGMINEIN.A (SHA256):

  • beb7274d78c63aa44515fe6bbfd324f49ec2cc0b8650aeb2d6c8ab61a0ae9f1d

Hash detected as BREX_DIGMINEEX.A (SHA256):

  • 5a5b8551a82c57b683f9bd8ba49aefeab3d7c9d299a2d2cb446816cd15d3b3e9

Hash detected as TROJ_DIGMINE.A (SHA256):

  • f7e0398ae1f5a2f48055cf712b08972a1b6eb14579333bf038d37ed862c55909

C&C servers related to Digmine (including subdomains):

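Indicators like these are normally swept against DNS logs and files on disk. The following is an added example, not code from Trend Micro or the original article: it refangs `[.]`-style domain entries, matches subdomains on a label boundary, and compares file SHA-256 values with the three hashes listed above. The C&C entries and DNS log lines in it are constructed placeholders, and the function names are assumptions.

```python
import hashlib

# SHA-256 values and detection names exactly as listed in the report above.
DIGMINE_SHA256 = {
    "beb7274d78c63aa44515fe6bbfd324f49ec2cc0b8650aeb2d6c8ab61a0ae9f1d": "TROJ_DIGMINEIN.A",
    "5a5b8551a82c57b683f9bd8ba49aefeab3d7c9d299a2d2cb446816cd15d3b3e9": "BREX_DIGMINEEX.A",
    "f7e0398ae1f5a2f48055cf712b08972a1b6eb14579333bf038d37ed862c55909": "TROJ_DIGMINE.A",
}
# Constructed placeholders in defanged form; replace with the published C&C list.
C2_DEFANGED = ["miner-c2[.]example", "update-node[.]test"]
# Constructed DNS query log: timestamp, client IP, queried name, record type.
SAMPLE_DNS_LOG = [
    "2017-12-21T10:02:11Z 10.0.0.15 cdn.Miner-C2.example. A",
    "2017-12-21T10:02:12Z 10.0.0.15 www.facebook.com A",
    "2017-12-21T10:02:13Z 10.0.0.22 notminer-c2.example A",
    "2017-12-21T10:02:14Z 10.0.0.31 update-node.test AAAA",
]

def refang(indicator):
    """Turn 'host[.]tld' into normalized 'host.tld' (lowercase, no trailing dot)."""
    return indicator.replace("[.]", ".").strip().rstrip(".").lower()

def c2_match(hostname, c2_list=C2_DEFANGED):
    """Return the listed domain that hostname equals or is a subdomain of, else None."""
    host = refang(hostname)
    for domain in map(refang, c2_list):
        # Compare on a label boundary so 'notminer-c2.example' does not match.
        if host == domain or host.endswith("." + domain):
            return domain
    return None

def scan_dns_log(lines, c2_list=C2_DEFANGED):
    """Return (client_ip, queried_name, matched_domain) for each query hitting the list."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) >= 3 and (domain := c2_match(fields[2], c2_list)):
            hits.append((fields[1], fields[2], domain))
    return hits

def detection_for_file(path, known=DIGMINE_SHA256):
    """Hash a file in chunks and return the matching detection name, else None."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return known.get(digest.hexdigest())

if __name__ == "__main__":
    for hit in scan_dns_log(SAMPLE_DNS_LOG):
        print(hit)
```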

Here's how to protect your PCs from Digmine malware and ransomware:

  • Always keep your PCs updated with the latest firmware; most software companies, including Microsoft and Apple, send software updates regularly on a weekly or monthly basis, so make sure to install them immediately
  • Make sure to use premium anti-virus software, which also provides malware protection and Internet security
  • Never open email sent from unknown senders
  • Disable ActiveX content in Microsoft Office applications such as Word, Excel, etc.
  • Disable Remote Desktop Connections and employ least-privileged accounts. Limit the users who can log in using Remote Desktop and set an account lockout policy. Ensure proper RDP logging and configuration
  • Never install browser plugins or application software on the PCs from unfamiliar publishers
  • System administrators in corporate companies should establish a Sender Policy Framework (SPF) for their domain. SPF is an email validation system designed to prevent spam by detecting email spoofing, the technique by which most ransomware samples successfully reach corporate email boxes.
