Digmine – New Malware, What is This? How it works? How To protect yourself?

We use Facebook messenger to chat with friends. But since many days , Messenger has seen many types of malware, and now more powerful malware target users.
In that sense, Digmine is a new malware that makes users scattered around the world. a new cryptocurrency-mining bot spreading through Facebook Messenger, which we first observed in South Korea. We named this Digmine based on the moniker (비트코인 채굴기 bot) it was referred to in a report of recent related incidents in South Korea.

It looks like a small video file that may come from your friends or anyone .

As soon as you open it, it will be running in the background,and take control of your Facebook account, and sends the same fake video file to all your friends without knowing.
& Also your computer / laptop connects to the command and control server managed by hackers from a different location. Your computer uses Monero to copy the crypto currency. With the RAM on your PC, the CPU will get slowed down and the PC will be slow.

How Digmine Works

According to Trend Micro’s analysis of Digmine, the code was built using the AutoIT scripting language to help automate the delivery of the cryptocurrency miner campaign. Cryptocurrency is created, or “mined,” using computing power to discover blocks. There are many different types of cryptocurrency, with Bitcoin not only being the most well-known but also having the highest value.

Digmine doesn’t mine Bitcoin, which typically requires GPUs or purpose-built systems. Rather, Trend Micro reported that Digmine is being used to mine the Monero cryptocurrency, which can be done with CPU-powered systems. Among the noteworthy aspects of the Digmine attack is its ability to propagate widely.

“If the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account’s friends,” Trend Micro stated in its analysis. “The abuse of Facebook is limited to propagation for now, but it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line.”

Currently, the malware Autoit is a script of the automated tool that targets only users using desktop and laptops. It can be extended to the mobile key. So beware!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.