Mining viruses spotted in Telegram chats, the software itself not infected

SecureList, a website managed by Kaspersky Lab, reports about the new way to disseminate mining viruses the hackers have discovered. Mining viruses are programs which harm the computer by intercepting computational power to mine cryptocurrency without the user not even knowing it. Money are being transferred to hackers. Now they use the attached files in Telegram chats.

The criminals found quite a clever method to disguise the file - a special RLO symbol which allows to rename the infected file in such a way that the sent file is displayed as having a PNG extension (or looks like a picture).

After the file is downloaded on the computer and opened, a mechanism which Bitnewstoday has already described several times is launched: the latent remote mining of ZCash or Monero. The main feature of this threat is that it’s impossible to launch it without the user’s consent. When it comes to the level of danger, this virus greatly varies from the threat of, for example, those viruses which lately infested the governmental sites of the United Kingdom and Australia. A harmless 3rd-party plugin for visually impaired was used as a breach. Over 4000 websites were infected as a result.