Advertisement Short Link Hidden Mining Trojans Over 15 Million Computers Worldwide Become Miners

release time:2020-05-12 09:22 classification:Industry News Views:344Times

With the rapid development of network technology and social software, more and more people are familiar with beautiful and convenient short links. Using short links to jump to long web sites has become a common way for users to share links. However, because the short link hides the long URL it points to, users often can't know the type of URL it really points to from the short link, so there are frequent incidents of computer poisoning caused by clicking the poisonous short link by mistake.

Recently, Tencent Yujian Threat Intelligence Center detected a mining Trojan named Novell miner, which was hidden in the short links of advertisements and spread wildly. According to statistics, at present, more than 15 million users in more than 100 countries download the Novell miner mining Trojan horse due to the delayed use of toxic advertising pages, which makes personal computers become illegal mining machines.

At present, Tencent computer steward has stopped and killed the Trojan virus in real time, and reminded users to strengthen prevention, do not open links from unknown sources at will. At the same time, Tencent's computer manager & ldquo; anti mining protection & rdquo; function has covered the full version of users. It can intercept and warn all kinds of mining Trojan programs and the operation of web pages containing mining JS scripts in real time, so as to ensure that users' computer resources are not encroached and have a light online experience.

(picture: Tencent computer housekeeper intercepts the mining trojan in real time)

It is reported that the Novell miner mining Trojan discovered this time made profits by digging ETN coins (in order to benefit Fang coins). ETN, as a branch currency of mining new pet Monroe, is favored by lawbreakers because of its huge circulation and low demand for mining calculation. Under the control of illegal hackers, the download link of novelminer mining Trojan horse is hidden in the short link. Because the file name of Trojan horse will not be exposed in the link, it is difficult for users to identify the link before clicking, and it is easy to download the mining Trojan horse by mistake, which causes the computer to slow down and jam due to the occupation of CPU resources, until the system operation is affected.

After the traceability analysis of novelminer mining Trojan, Tencent Yujian Threat Intelligence Center found that the origin of the Trojan in the short link can be traced back to March 2017, and now it has developed to V4 version. Based on the daily peak of computing power controlled by the new version of the Trojan in the world, a single account and single currency can get 90000 ETN coins a month, about 3000 US dollars, while Novell miner mining trojan is currently using more than 10 mine pool accounts.

It can be seen from the machine name of the author of Novell miner mining Trojan that the author of the virus belongs to Russian region. Up to now, the Trojan horse has affected more than 15 million countries in the world, including Russia, China and Thailand. From the distribution of the affected provinces and cities in China, the eastern coastal areas and the northeast area close to Russia are more affected.

(Figure: distribution of influence degree of domestic mining Trojan by novelminer)

In the face of the continuous rampant mining Trojan horse, Ma Jinsong, the head of Tencent security anti virus laboratory and security expert of Tencent computer manager, reminds users: do not open unknown links from unknown sources at will; it is very dangerous to download exe files after the short link jump, if found, it should be terminated immediately; if found that the computer card is slow, the CPU usage should be checked immediately, if found, the suspicious process can be closed in time; Keeping Tencent computer Butler and other security software running normally can effectively protect against most Trojan viruses.

Key words: computer Trojan

Scan Us

Address:Good view business centre, Garden Street, Mongkok, Kowloon, Hong Kong


Copyright © AladdinMiner