360 Total Security Center released a blog post stating that they had received some information about a malware infection which will use the victim’s computer to mine cryptocurrency.
360 Security is an internet company that provides antivirus to users to protect their computers from a virus or any type of malware. It is popular and is used in most of the computers around the world.
The malware enters the victim’s computer after installing the application One System Care. The malware then infects the computer with a cryptocurrency miner in which DNS settings will be altered and ads will be displayed. It will also have constant updates by creating a PowerShell script which will hide the malware from the systems scheduled tasks. The miner will then proceed to mine cryptocurrency.
The malware would run a scheduled time and would be used to mine cryptocurrency. Even if the victim deletes the malware, it would recreate itself as long as the PowerShell script would remain in the computer.
The Malware would work in such a way that it would disguise itself with a legit software and use PowerShell to avoid antivirus detection. It would also encrypt its own command and control protocol to avoid interception of the firewall.
The malware affected over a million computers and 360 total security received various complaints from customers. The company took care of the problem and saved all the computers. They also reminded customers to enable/update the new antivirus software to protect themselves from future viruses like these.
Marvell, a Twitter user says:
“My computer was infected with this malware but thanks to 360 it is safe. They responded quickly and solved the problem as soon as possible.”
Jade, another Twitter user says:
“People need to be really aware on what they install if they install applications without knowing if they are legit or not they will fall into these traps which will end up costing them a lot of money.”