Malware used to mine Monero on infected Windows Servers has evaded detection by relying on a complicated self-improvement algorithm. In a paper published this week, researchers at the Israeli cybersecurity firm Check Point Software Technologies (NASDAQ:CHKP) have identified the cryptojacker software KingMiner and warned that it would likely continue to see updates, making it even harder to detect.

KingMiner, which mainly targets SQL Server and Internet Information Services (IIS) servers, relies on brute force methods to guess the password of the users and compromise the machine during the initial phase of the attack. The malware was initially discovered in mid-June 2018, with two improved versions being released shortly after. The Israeli researchers expect the number of KingMiner attacks to increase.

“The attacker employs various evasion techniques to bypass emulation and detection methods, and, as a result, several detection engines have noted significantly reduced detection rates. Based on our analysis of sensor logs, there is a steady rise in the number of KingMiner attack attempts.”

Metho…

This article appeared first on Cryptovest

Like this: Like Loading...