A new type of ransomware capable of mining cryptocurrencies, called Xbash, has been discovered by security experts at Palo Alto Networks. The malware has several versions and attack modes and can spread to Windows PCs and Linux Internet servers that lack security updates. The company released its study of the new malware on Monday (17).
On servers, Xbash behaves like ransomware (a virus that hijacks the computer), but it completely destroys the data even if the ransom is paid. On computers, the virus installs itself as a hidden miner to generate cryptocurrencies.
Experts have found that when Xbash infects Windows PCs, the malware behaves like a cryptocurrency generator serving criminals. This overloads the system, since generating virtual currencies is an intensive process and, in many cases, can cause slowness and crashes on the victims' computers.
When it infects servers, the machines on which Internet services run and on which the data related to them is stored, Xbash behaves like aggressive ransomware: the malware completely destroys the data stored on the server and issues a ransom demand to the victims. Even if the ransom is paid, the data is not restored, since it has been completely deleted.
According to Palo Alto Networks, it is already possible to identify a chain of ransom payments in Bitcoin's transaction logs. To date, the criminals behind the virus have received at least $6,000 (about R$ 25,000) in payments from victims.
The technicians who identified the threat found that Xbash has a sophisticated concealment system that keeps the virus from being discovered. They also verified previously unknown forms of propagation, created by the malware's developers to expand their base of operations if measures to prevent infections begin to be applied.
According to the experts, Xbash exploits vulnerabilities that are already documented and, to some extent, already fixed in operating systems. The best way to prevent infection is therefore to keep the operating system up to date.
Via Palo Alto Networks and Softpedia