Threat researchers have discovered malicious code in WAV audio files, code that hackers use to mine cryptocurrencies.

Hackers earn thousand of dollars per month

On Oct. 16, researchers at BlackBerry Cylance, a software company that develops antivirus programs, reported the discovery of malicious code hidden within WAV audio files. This type of malware campaign, where hackers conceal malware codes in ordinary-looking files, is known as steganography.

The analysis showed that some of the WAV files contained code to deploy malware for financial gain and establish remote access within victim machines. The report reads:

“When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (white noise).”

The malicious WAV files allow hackers to deploy CPU miners onto the victim’s device, which steals processing resources and generates thousands of dollars per month from mining cryptocurrency. For that reason, crypto miners are a popular malware payload among hackers as they provide financial benefit while operating in the background without the user’s knowledge — an attack commonly called cryptojacking.

North Korean hackers target Apple Macs

Cointelegraph previously reported that the notorious North Korean hackers known as the Lazarus APT Group have created another malware that targets Apple Macs and hides behind a fake cryptocurrency firm.

Researchers said that, at the time of their warning, the malware was undetected by any engines on VirusTotal. The sample appeared to be closely related to a strain of Mac malware identified by Kaspersky Labs back in summer 2018.