Home Malware Programs Trojans AcruxMiner

AcruxMiner

Posted: November 19, 2018

The AcruxMiner is used in a Trojan cryptocurrency mining campaign, which targets servers predominantly, but it also might affect some regular computers as well. The operation was discovered thanks to a cybersecurity researcher who came across the Web administration panel used by the AcruxMiner’s operator to control the machines used for the illegal cryptocurrency mining process.

According to the settings of the AcruxMiner, the attacker uses the email address nicolas03011970@gmx.com to access his account in the mining pool that he uses to mine and store his gains. It is not known how the AcruxMiner is propagated, but it is likely that the attacker might rely on multiple attack vectors – spam emails, fake downloads, exploiting remote desktop software vulnerabilities and others.

Having the AcruxMiner running on your server might worsen the performance significantly since this software is likely to consume a staggering amount of CPU resources. So far, the AcruxMiner has been used to mine for the Monero cryptocurrency, but there is nothing to stop the attacker from expanding the miner’s ability to work with other cryptocurrencies too.

The best action to keep your systems safe from Trojan miners is to ensure that they are protected by a trustworthy anti-virus product. In addition to this, it is also a good idea to monitor all active process since spotting a Trojan miner can be rather easy since they tend to consume over 60-70% of the available CPU resources.

Loading...