XMRIG TROJAN VIRUS!

[Whited35 15285]

Today, I have noticed a topic which was encouraging Cryptotalk forum members to install and run this XMRig CPU Miner Trojan virus. Fortunately, our smart and highly sensitive moderator has taken quick action to remove the topic before my report against that topic😍. Today, I decided to create this post to save so many guys falling into this one of the dangerous trap of hackers to misuse or hijack your computer's resources for their mining purposes. According to the research performed by Orenda Security, operators of this virus could easily use your device to mine cryptocurrencies Bitcoin, Monero, Dashcoin, and DarkNetCoin for them. 
We may accidentally install this Trojan Horse which is not our fault because trained hackers can cleverly mask their virus to attack according to their needs. According to the researchers, XMRig has an NVIDIA GPU and an AMD GPU version. They have cleverly masked their virus by allowing users to update Adobe Flash Player that looks real and I think so many users confidently update fake Adobe Flash Players to enter into their traps. 

 

So how can you detect if you have accidentally installed this virus on your PC? 

• Search whether your PC has this file "Winserv.exe" or not
• Go to "Task Manager" on your Windows PC and look for "xmrig.exe" in the process list
• If Windows installer automatically pops up to install fake Adobe Flash Player, check the publisher's info. If it is a virus, there should be "Unkown" publisher
• Check your computer if it is hotter than before. If the virus is already there, you might face the slower performance on your PC

 

How to be safe?

• Install the best and premium antivirus software with regular updates and schedule scan feature
• If you need Adobe Flash Player, go their official site
• Enable Firewall and safeguard features in Antivirus software
• Never click on the link coming from spam email
• Use good adblocker software and avoid visiting sites with bunch of suspicious ads

 

Be Safe! Thank You !
 

Edited August 11, 2020 by Whited35
Last point is added as per friend's recommendation.

[BTC Future 3946]

I've also noticed this article and it was very fishy. It also had a reply which was probably someone spamming about how good Monero is. Seriously a new member posting a link with a Monero miner. 

I didn't have time to find out what he was doing as I had to leave for a couple of hours.

Good job though @Whited35 and also good job to the mods for deleting it so fast.

[Whited35 15285]

9 hours ago, BTC Future said:

I've also noticed this article and it was very fishy. It also had a reply which was probably someone spamming about how good Monero is. Seriously a new member posting a link with a Monero miner. 

I didn't have time to find out what he was doing as I had to leave for a couple of hours.

@BTC Future Two things can be possible, either user is a beginner even in the crypto world who has no idea about this virus or he is already a trained hacker and has created a new account on this forum to cheat.Whenever I find free time while working in my day office, I visit this forum repeatedly to notice every new posts and I'd really like to help busiest moderators to make the things easier by reporting unusual activities. 

Personally, I believe that guy was scammer because he has involved his own XMR address with screenshot in his topic and suggesting to run command.Not only members on this forum, millions of guests are actively visiting this forum daily now let's imagine how sensitive created topics really are! We ought to thank @epidemia (No other moderators were active at that time) for taking the quickest possible action otherwise so many visitors could fall into this trap. Now all posts related with this virus are removed from this forum, 

[kyoukage01 3181]

I didn't know something like this has happened, as I was inactive in the forum during that time due to sickness. I will not ask about what that particular topic post exactly look like and not let curiosity get the better of me this time, but if this one is similar to some other topics with suspicious links I would occasionally spot and report then it is a good thing it was deleted the soonest possible time.

 

On 7/26/2020 at 12:30 AM, Whited35 said:

How to be safe?

Can you add this one?

• Refrain from going on websites that flood you with popups of suspicious advertisement and offers

 

Edited August 11, 2020 by kyoukage01

[Whited35 15285]

2 hours ago, kyoukage01 said:

Can you add this one?

• Refrain from going on websites that flood you with popups of suspicious advertisement and offers

 

@kyoukage01 Thanks a lot for this suggestion. Have a look at the last point. I have updated information as per your suggestion😊.More likely a trained hacker misused this forum to create topic by addressing the procedures to include a virus on our PC through a malicious mining software.Fortunately, moderator removed them to save so many people.

[Swapzone 174]

Thanks for the info! Many people don't know about it, they simply want ease and for this they fall into hackers' trap.

[Ridam 7455]

The mods has done great work by finding out and removing it from the forum. And i have searched winserv.exe and run a fill scan and hopefully my pc wasn't affected. And that's really a good thing and talking about being safe I do recommend everyone to avoid using cracked application like- "Sony Vegas Pro Crack". As hackers are attaching malware along with it and users are being fall on their social engineering attack. 

Edited August 13, 2020 by Ridam
Grammar mistake

[Whited35 15285]

9 hours ago, Ridam said:

"Sony Vegas Pro Crack". As hackers are attaching malware along with it and users are being fall on their social engineering attack. 

@RidamI never recommend cracked or pirated version of software to anyone else. It is really a smart way to protect your PC if you have not used such software. Only authentic products from authorized companies will be safe to use. 

[Raqeebzy 6456]

Thanks the OP for this good topic, surely a 5+ for this. I have been regularly saying and campaigning of the need for all cryptan, no matter what you choose to do for the need of getting a good, lincensed antivirus software that it looks like I am an ambassador for one of them. I have a very good lincensed antivirus both for mobile and PC that I don't even have to worry about viruses attack. 

It is the only safe heaven against virus, cracked or free antivirus software won't help to some extent.

[Whited35 15285]

On 8/13/2020 at 10:36 PM, Raqeebzy said:

I have a very good lincensed antivirus both for mobile and PC that I don't even have to worry about viruses attack. 

@Raqeebzy I am extremely surprised to see those guys who use cracked or pirated version of Antivirus software! I have found some other more serious cases of cryptojacking. Normal users never know how cleverly a hacker can masks a virus into his malicious software. If moderator epidemia did not take an immediate step against this virus, so many members would fall his(Hacker's) attractive schemes ! 

[Maaz sultan 265]

Thanks friend for Warn all the crypto members actually in these traps so new crypto members were traps for mining purposes user need full information about that software and download it from official site .

[malik6314193 5449]

First i will thanks to our moderators that they are active and making the forum clean from this type of scam. Second i also force our members avoid such type of thing like installing unknown application, click on unknown links. 

[Raqeebzy 6456]

19 hours ago, Whited35 said:

I am extremely surprised to see those guys who use cracked or pirated version of Antivirus software! I have found some other more serious cases of cryptojacking. Normal users never know how cleverly a hacker can masks a virus into his malicious software. If moderator epidemia did not take an immediate step against this virus, so many members would fall his(Hacker's) attractive schemes ! 

Buying a good antivirus software of price range between 5-$10 I think should not be a problem for anyone who has > $100 worth of crypto. It is just greed in my opinion. I have been using antivirus even before I started doing crypto because I keep sensitive files. It is no excuse, it should not be a problem even for shrimps like us.

[Whited35 15285]

14 hours ago, SilverF said:

Is it possible for this type of virus to attack a phone in the same way?

Yes, professional hackers can also misuse your phone's resources to mine cryptocurrencies for them. If you are android phone users, do not try to install apps from external app store like Apkpure, Apkmirror etc and always be careful while giving permissions of access to the apps. If some is asking you for so many permissions, immediately get way from them. 

[Moaz 7239]

Thank you for warning us about this dangerous virus that exploits the resources of our devices for the purpose of mining operations. I advise all forum members not to download any program on your PC or on your mobile phone from an unknown source and without making sure that it is safe and virus-free

[Whited35 15285]

3 hours ago, Raqeebzy said:

Buying a good antivirus software of price range between 5-$10 I think should not be a problem for anyone who has > $100 worth of crypto. It is just greed in my opinion.

@Raqeebzy Exactly. Greed has to do something and is responsible for one's huge losses! Safety first otherwise no money from crypto wallets. Antivirus like McAfee, Eset nod 32, and Kaspersky are the great option to protect device from online attack. 

[koussai999 1986]

Thank you very much for these tips for keeping the device safe from viruses. I think that we must be very careful and not install programs from official websites or from trusted sites

[iloveyobit 6599]

Fortunately, I did not find this virus in my device, but I am sure that there are many other types of viruses that work on using the device in order to mine and steal money from you .

[Whited35 15285]

6 minutes ago, iloveyobit said:

Fortunately, I did not find this virus in my device, but I am sure that there are many other types of viruses that work on using the device in order to mine and steal money from you .

Yes, hackers can trick us in every possible ways so I have been repeatedly suggesting guys on this forum to install paid antivirus software and while installing any software on PC, try to check publisher's info on pop up message of installation window otherwise  there are the chances you will be facing the serious crytptojacking problem. 

[Saj555 2250]

Sometimes people scam others or drag them towards disaster  by creating fake news. The moderators are always doing their job so fluently that they have removed the trojan virus post as soon as possible. But there are also other spams are available  about various cryptocurrencies also. We should be always  aware about those and you did a good job by definiting of this virus and showing them the way to delete  it. 

[iloveyobit 6599]

13 hours ago, Whited35 said:

Yes, hackers can trick us in every possible ways so I have been repeatedly suggesting guys on this forum to install paid antivirus software and while installing any software on PC, try to check publisher's info on pop up message of installation window otherwise  there are the chances you will be facing the serious crytptojacking problem. 

Yes, although we are in the year 2020 and you should be very minimal so that you do not need a protection program like I do, but there are some people who do not have much experience in dealing with sites.

[BrolySSJ 7899]

Excellent post that deals with a very important topic. all of the trojans that are being created now are cleverly disguised and most people do not even realize that their devices are infected. I myself had a torjan once which was infecting my machine and i immediately reset my pc in order to remove it as these can spread very fast and can be very dangerous. With regards to software, you should only install software from reputable and legit sites and only the original. avoid pirated versions of he software as these are more likely to contain viruses and trojans. Thank you for bringing this to our attention and the guide on how to see if our device has been infected. 

[Whited35 15285]

20 hours ago, Saj555 said:

Sometimes people scam others or drag them towards disaster  by creating fake news.

Scammers have found the way to trick innocent users by using scam news as well as fake paid ads to spread the false information. More users are unknowingly  attracted towards their traps to loss the huge efforts and amounts. 

[Captain Karim 0]

I think that having a powerful and up-to-date antivirus installed on a laptop is very important at this time, especially for those who use financial transactions over the Internet, we have become in a world where we hear every day about a new means of hacking and fraud, so it is always necessary to be careful.

[Whited35 15285]

13 hours ago, Captain Karim said:

I think that having a powerful and up-to-date antivirus installed on a laptop is very important at this time, especially for those who use financial transactions over the Internet, we have become in a world where we hear every day about a new means of hacking and fraud, so it is always necessary to be careful.

@Captain Karim Premium version of antivirus with the full protection is recommended to be safe from the scammers. ESET nod 32, Kaspersky, and McAfee can be the good option but it also depends on your Laptop's processors and RAM size.