Osno Malware

Posted: April 1, 2021

The Osno Malware is a relatively new project, which boasts features typical of infostealers and Trojanized cryptocurrency miners. The Osno Malware shares some similarities with older malware such as the Babax Stealer, and some cybersecurity experts suspect that the same group of criminals might be behind both of these projects. The first traces of the Osno Malware's activity date back to December 2020, and the malware appears to still be actively spread online. The Osno Malware may often hide in corrupted email attachments, pirated game or software installers, or fake downloads that are being promoted through shady online advertisements.

Users who fall victim to the Osno Malware will not notice any issues with their computer's behavior and performance because this threat is designed to work in the background and exfiltrate information from the compromised machine silently. Its core features enable it to:

  • Grab passwords, browser history, bookmarks, cookies, and other data from Google Chrome, Mozilla Firefox and Opera browsers.
  • Collect cryptocurrency wallets.
  • Capture screenshots of active windows or the entire desktop.
  • Collect files stored in specific folders (Startup, Pictures, Downloads, Documents, Videos, Temp and others).

The Osno Malware can also work as a clipboard hijacker (or clipper): this threat can monitor the Windows clipboard and check if the values stored there can be resolved as a valid cryptocurrency wallet for Bitcoin, Ethereum, Monero or other cryptocurrencies. If the malware detects that the user has copied such a piece of data, it may silently replace the wallet address with one owned by the attacker. This way, the attackers may be able to hijack cryptocurrency transactions easily.
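From a defender's side, the clipper behavior described above leaves a recognizable trace: a wallet address on the clipboard is replaced by a different address of the same currency almost immediately after the copy. The following is an added example, not code from this article or from any Osno analysis; the address patterns (format only, no checksum), the two-second window, and the sample timeline are assumptions constructed for illustration.

```python
import re

# Address shapes for the currencies the article names (format checks only,
# no checksum validation). These patterns are this example's assumptions.
PATTERNS = {
    "bitcoin": re.compile(
        r"^(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71})$"),
    "ethereum": re.compile(r"^0x[0-9a-fA-F]{40}$"),
    "monero": re.compile(r"^[48][1-9A-HJ-NP-Za-km-z]{94}$"),
}

def wallet_type(text):
    """Return the currency whose address format matches text, else None."""
    value = text.strip()
    for name, pattern in PATTERNS.items():
        if pattern.match(value):
            return name
    return None

def find_swaps(samples, window=2.0):
    """Flag consecutive clipboard samples where one wallet address is replaced
    by a different address of the same currency within `window` seconds.

    samples: iterable of (timestamp_seconds, clipboard_text), in time order.
    """
    alerts = []
    prev_time, prev_text = None, None
    for ts, text in samples:
        if prev_text is not None and text.strip() != prev_text.strip():
            before, after = wallet_type(prev_text), wallet_type(text)
            if before and before == after and ts - prev_time <= window:
                alerts.append({"time": ts, "currency": before,
                               "copied": prev_text.strip(), "now": text.strip()})
        prev_time, prev_text = ts, text
    return alerts

# Constructed sample timeline (made-up strings that only have a valid shape).
SAMPLES = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "ab" * 20),   # user copies a payee address
    (10.3, "0x" + "cd" * 20),   # replaced 0.3 s later: suspicious
    (60.0, "1" + "A" * 30),     # user copies a Bitcoin-shaped address
    (300.0, "1" + "B" * 30),    # different address minutes later: normal
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLES):
        print(alert)
```

The same comparison works as a manual habit: after pasting a wallet address, check it against the source before confirming the transaction.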

The miner component of the Osno Malware is called DiabloMiner, and it is meant to utilize the system's CPU and GPU resources to mine for Litecoin, one of the most sought-after cryptocurrencies. While this operation is ongoing, a high amount of CPU and GPU resources will be consumed, hindering the system's overall performance.

The operators of the Osno Malware are continuing to distribute it actively, and it is important to take the necessary measures to protect your system from such threats. Start by using an up-to-date anti-malware application, and also remember to stick to browsing safe websites.
