Analysts Say Bad Actors Installed Cryptocurrency Miner on Website

Analysts say bad actors create the scenario on the website that installed the malware on download cryptocurrency miner.

This was revealed by Group-IB, a Singapore-based cybersecurity company in a modern blog post that educational not disclosed website he fell victim to a hidden hidden mining campaign.

According to the company blog post, threat actors are listed a hidden script on the website allowed them to remotely install malware on for every visitor computer and for download cryptocurrency miner from chrome-error[.]a company. Although Group-IB did not mention the name of the educational company’s website online, the platform received “5 million visits per month.”

Malware Archive Downloads Mining Program

Analysts say the malware archive — downloaded to the victim’s Downloads folder — contained an executable file that installed a mining program. Software XMRig Coinminer for mining Monero (XMR). XMRig is a well-known mining platform software between cyber criminals and scammers as it allows bad actors to remain anonymous by concealing the identities of the sender and recipient, as well as almost all transaction details.

While the scale of scheme remains not clear, Group-IB notes hidden mining software from the archive for some unknown reason has not been launched on infected computers. Group-IB says it has notified its clients of the threat and shared recommendations on preventing consequences.