A mining trojan hacks PCs

OS Windows can be infected, but there is a way to protect it
22 June 2017   971
Blockchain

Distributed database that is used to maintain a continuously growing list of records, called blocks.

New Trojan uses a NSA hacking tool to infect computers with Windows. The virus uses available resources on a PC to mine XMR (Monero).

Russian antivirus Dr.Web spotted this virus first. This trojan was discovered under the generic name Trojan.BTCMine.1259. Malware uses an NSA hacking tool named Doublepulsar. It is used to infect computers running non-secure Server Message Block (SMB) services – a network protocol that is being used for sharing files, printers, and serial ports.

Once infected, the virus creates a "backdoor" that allows the hackers to execute code on a machine. Then the NSA’s Doublepulsar exploit is being used to download an original malware loader onto the infected PC. Then the computer is scanned to determine if enough resources are available to execute its payload. If resources are available, a generic malware loader will download a cryptocurrency miner program and begin to mine XMR for the hacker’s wallet. Experts also note interesting "feature" -  virus is able to shut itself down when Task Manager is launched, allowing the malware to remain unspotted.

Trojan.BtcMine.1259 is not the first "mining" virus that uses the Doublepulsar exploit. A similar virus Eternalminer was detected last week. It targets Linux for XMR mining. Wannacry also incorporated Doublepulsar into its protocol, using the exploit as the basis for the SMD worm.

Doublepulsar exploited was spotted in April 2017 by Shadow Brokers with reports that over 36,000 computers had been infected by various viruses utilizing the exploit on April 21st. In April, experts suggested that the real number of infected machines was over 100000. The number of infected computers is now estimated to around 16000, due to Windows system update MS17-010.

'Kodak Miner' Turned Out to be a Scam

KashMiner by Spotlite USA was promoted as Kodak branded bitcoin miner 
17 July 2018   132

The KashMiner bitcoin miner, exhibited at the Kodak stand during the CES technology show in Las Vegas, was in fact a product designed to mislead potential consumers and with a potentially unattainable potential return. This is reported by BBC.

Spotlite USA is licensed by Kodak's lighting division, which allows it to use the famous brand in its products. In January 2018 the company introduced its miner and announced that it intends to lease it. According to its business plan, potential users had to pay a commission before getting the device. It was expected that after depositing $ 3,400, the customer will receive a device that will allow him to easily cover expenses and receive revenue from bitcoin mining.

However the company did not have an official Kodak license to use the brand in the production of mining equipment and initially overstated the indicators of the potential profit of its device, refusing to take into account the growing complexity and costs of bitcoin mining. The advertising materials reported that KashMiner brings $ 375 a month, which, subject to a 2-year contract, would allow the client to receive $ 5,600 of profit after paying a commission. Experts from the industry of cryptocurrency call this offer a scam.

There is no way your magical Kodak miner will make the same $375 every month.
 

Saifedean Ammous

Economist

CEO Spotlite USA Halston Mikail previously reported that he plans to install hundreds of miners at the headquarters of Kodak. According to him, he already managed to place 80 miners there, but the Kodak spokesman denied this information.

While you saw units at CES from our licensee Spotlite, the KashMiner is not a Kodak brand licensed product. Units were not installed at our headquarters.
 

Kodak Spokesman

In a phone call with the BBC, Spotlite's Halston Mikail said the US Securities and Exchange Commission (SEC) had prevented the scheme from going ahead.