Wednesday, March 3, 2021
CybersecFill
Advertisement
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
CybersecFill
No Result
View All Result
Home News

Attackers Distribute new JavaScript-based Trojan MonsterInstall using Game Cheats

Cybersecfill by Cybersecfill
June 20, 2019
in News
0
MonsterInstall Trojan
Share on FacebookShare on Twitter

Attackers have distributed new javascript based trojan in form of game cheats called MonsterInstall Trojan.

How was MonsterInstall Trojan Discovered?

The malware was discovered by Yandex which subsequently sent it over to Doctor Web’s research team for further analysis together with additional info on how the Trojan sample was distributed. The researchers were able to find that the Trojan — dubbed MonsterInstall — uses Node.js to execute itself on the victims’ machines.

How Does MonsterInstall Trojan Work?

MonsterInstall trojan will gain persistence by adding itself to the infected system’s autorun, in order to get automatically launched after the machine is rebooted.The downloader trojan also downloads the crypto mining module ‘xmrig.dll’ onto the infected system.

  • When users download the game cheat, they end up downloading a password-protected zip archive that contains an executable file.
  • Once launched, the executable file downloads the game cheat along with the MonsterInstall trojan components.
  • Once the trojan gets launched, it will gain persistence by adding itself to the infected system’s autorun, in order to get automatically launched after the machine is rebooted.
  • MonsterInstall then starts gathering system info and sends it to the C&C server controlled by the attacker.
  • The downloader trojan then downloads the crypto mining module ‘xmrig.dll’ onto the infected system.

The Cryptomining Module -TurtleCoin 

The cryptomining module loads the malicious executable ‘xmrig.exe’. The executable sends system information to its C&C server and gets back the miner configuration in the form of a JSON file.

Once the miner configuration file is loaded, it will automatically execute and start mining the TurtleCoin cryptocurrency.

“Developers of this malware own several websites with game cheats, which they use to spread the malware, but they also infect other similar websites with the same trojan. According to SimilarWeb’s statistics, users browse these websites at least 127,400 times per month,” Doctor Web researchers said.

This is not the first time gamers have been targeted by cybercriminals and it will most definitely not be the last. For instance, back in 2016, security researchers discovered a flurry of fake and booby-trapped money adders and cheat tools which would actually steal the gamers’ credentials.

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Tags: cybersecuritymalwareTrojan
Cybersecfill

Cybersecfill

An independent Nigeria cybersecurity blog aimed at sharing cybersecurity news, articles ,blog and opinins.

Next Post
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

0 0 vote
Article Rating
Login
guest
guest
0 Comments
Inline Feedbacks
View all comments

Subscribe

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

  • Trending
  • Comments
  • Latest
credit card cloning

How Credit/Debit Cards are Cloned / Preventing Card Cloning

December 26, 2019
Wifi 6 Security

Did Wi-Fi 6 come with an Improvement In Security?

May 13, 2019
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

July 1, 2019
Wireless Access Point

How To Secure Your Wireless Access Point (WAP)

August 3, 2019
Facebook

Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications

8
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

6
Cybersecurity Jobs

Cybersecurity Jobs – You can create your own Cybersecurity Role

4
open Source intelligence tools

Open Source Intelligence tools – OSINT

4
5G Dangers: What are the Cybersecurity implications?

5G Dangers: What are the Cybersecurity implications?

March 1, 2021
Key Differences Between Firewall And Antivirus

Key Differences Between Firewall And Antivirus

February 27, 2021
Cybersecurity for Remote Workers: 8 ways to work safer…

Cybersecurity for Remote Workers: 8 ways to work safer…

February 24, 2021
Cloud Account Hijacking

Cloud Account Hijacking

February 22, 2021

Recommended

5G Dangers: What are the Cybersecurity implications?

5G Dangers: What are the Cybersecurity implications?

March 1, 2021
Key Differences Between Firewall And Antivirus

Key Differences Between Firewall And Antivirus

February 27, 2021
Cybersecurity for Remote Workers: 8 ways to work safer…

Cybersecurity for Remote Workers: 8 ways to work safer…

February 24, 2021
Cloud Account Hijacking

Cloud Account Hijacking

February 22, 2021

© 2020 CybersecFill. All Rights Reserved.

No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us

© 2020 CybersecFill. All Rights Reserved.

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply