Specializing in cyber security company Varonis has discovered a new virus-miner, quietly mining cryptocurrency Monero (XMR) on the user device.
In the company’s report States that the miner called Norman is that it is difficult to detect in the system. So, when you open the task Manager on the device under Windows OS, the program completes the process of mining. Accordingly, after closing task Manager, the miner is restarted. Thus, the user does not even realize that his computer is infected.
The program is produced by popular Monero miner XMRig. To install system is used to create installation programs Nullsoft Scriptable Install System (NSIS), and to launch the virus — system process svchost.
Varonis experts also came to the conclusion that the virus could be created by developers from France or some other Francophone country.
«File format SFX included comments in French. This suggests that the creation of the file was used the French version of WinRAR», — said representatives of the company.
ForkLog previously reported about the hidden BlackSquid miner, mining Monero.