ESET researchers have discovered LoudMiner, an unusual cryptocurrency mining tool. LoudMiner uses virtualization software, namely QEMU (short for Quick Emulator) on macOS and VirtualBox on Windows, to mine cryptocurrency on a Tiny Core Linux virtual machine.
LoudMiner is distributed through pirated copies of a software plugin for audio applications called VST (Virtual Studio Technology). LoudMiner then mines cryptocurrency on the compromised devices and uses SCP (Secure File Copy) with an embedded username and SSH private key so that it can update itself.
"LoudMiner targets audio applications, as devices running these applications often have possibilities for more processing power," said Marc-Etienne M. Léveillé, Senior Malware Researcher at ESET. "These are usually complex applications with high CPU consumption, so users do not find this activity unusual. It is interesting and unprecedented that virtual machines are used instead of another, simpler solution," Léveillé added.
According to ESET research, LoudMiner has been active since August 2018.
ESET emphasizes that, to stay safe, users should avoid downloading pirated copies of software. It also advises them to be wary of pop-up "additional" installers that appear unexpectedly, and to watch for any higher CPU consumption, as well as new services and connections from strange domain names.
More details can be found in the report «LoudMiner: Cross-platform mining in cracked VST software» at WeLiveSecurity.com.