Updated on 2022-12-01 GMT+08:00

Mining

What Is Mining?

Digital currency, which is decentralized and valuable, is getting more attention nowadays. Black and gray markets obtain digital currency through malicious mining.

Mining is the process of occupying victims' system and network resources without permission and using large amounts of computation to obtain digital currency.

Machines that attackers can control remotely are called zombies. They can be Windows, Linux, or Unix servers belonging to companies, schools, or even governments and militaries.

Mining occupies a large amount of system resources and degrades the performance of other software and services. In addition, hackers may use mining programs to obtain confidential information, such as confidential files and the usernames and passwords of key assets.

Cases

The following are several cases of mining:
  • Case 1:
    1. An abnormal file (usually marked with xmr or mine) is detected.

    2. Analyze the file. A mining pool is detected. Verify that the URL is a malicious mining pool address.

  • Case 2:
    1. A mining process is detected from a Windows host.

    2. Abnormal files are detected from the host.

    3. Analyze the files. A mining pool is detected.

    4. Verify that the URL is a malicious mining pool address.
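
The triage steps in the cases above can be scripted as a first pass. The following is an added example, not code from this documentation: it flags file names carrying the xmr or mine markers and pulls embedded pool addresses out of a file so that they can be verified. It assumes pool addresses appear as Stratum-style URLs (stratum+tcp:// or stratum+ssl://); the function names and the sample bytes are constructed for illustration.

```python
import re

# Markers from the cases above: abnormal files are "usually marked with xmr or mine".
NAME_MARKERS = ("xmr", "mine")

# Assumption: pool addresses are embedded as Stratum-style URLs (host, optional port).
POOL_URL_RE = re.compile(rb"stratum\+(?:tcp|ssl)://([A-Za-z0-9.-]+)(?::(\d{1,5}))?")

def name_markers(filename):
    """Return the markers found in a file name (case-insensitive substring match)."""
    lowered = filename.lower()
    return [m for m in NAME_MARKERS if m in lowered]

def pool_candidates(data):
    """Extract unique host[:port] pool candidates from raw file bytes."""
    found = []
    for match in POOL_URL_RE.finditer(data):
        host = match.group(1).decode("ascii").lower().rstrip(".")
        port = match.group(2).decode("ascii") if match.group(2) else None
        entry = f"{host}:{port}" if port else host
        if entry not in found:
            found.append(entry)
    return found

def triage(filename, data):
    """Combine both checks into one record for the analyst."""
    markers = name_markers(filename)
    pools = pool_candidates(data)
    return {
        "file": filename,
        "name_markers": markers,
        "pool_candidates": pools,
        # A name hit alone is weak evidence (it also matches e.g. "determine");
        # an embedded pool address is what still has to be verified as malicious.
        "needs_pool_verification": bool(pools),
        "suspicious": bool(markers or pools),
    }

# Constructed sample: config-like text surrounded by binary bytes.
SAMPLE = (b"\x7fELF\x00\x01" + b'{"url":"stratum+tcp://pool.example.invalid:3333",'
          b'"user":"WALLET_PLACEHOLDER"}\x00\x00'
          b"stratum+tcp://POOL.example.invalid:3333\x00")

if __name__ == "__main__":
    print(triage("/tmp/.xmr_worker", SAMPLE))
```

The extracted candidates are only inputs to the last step of each case: each address still has to be checked against a threat intelligence source before it is treated as a malicious mining pool.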