A Tiny Core Linux 9.0 image configured to run XMRig runs on a VM, rather than victim machines hosting the malware locally.
An unusual cryptocurrency miner, dubbed LoudMiner, is spreading via pirated copies of Virtual Studio Technology. It uses virtualization software to mine Monero on a Tiny Core Linux virtual machine – a unique approach, according to researchers.
Virtual Studio Technology (VST) is an audio plug-in software interface that integrates software synthesizers and effects in digital audio workstations. The idea is to simulate traditional recording studio functions. ESET analysts recently uncovered a WordPress-based website hawking trojanized packages that incorporate the popular software, including Propellerhead Reason, Ableton Live, Reaktor 6, AutoTune and others. In all, there are 137 VST-related applications (42 for Windows and 95 for macOS) available for download on the site.
Upon downloading, an unwitting audiophile’s computer would be infVirtual Studio Technology (VST)ected with LoudMiner, which consists of the VST application bundled with virtualization software, a Linux image and additional files used to achieve persistence. It uses the XMRig cryptominer hosted on a virtual machine. So far, three Mac versions and one Windows variant of the malware have been uncovered.
“Regarding the nature of the applications targeted, it is interesting to observe that their purpose is related to audio production,” wrote Michal Malik, researcher at ESET, in a posting on Thursday. “Thus, the machines that they are installed on should have good processing power and high CPU consumption will not surprise the users.”
Because the victim would also get a functioning version of the application that they expected, the attackers gain some air cover.
“These applications are usually complex, so it is not unexpected for them to be huge files,” Malik explained. “The attackers use this to their advantage to camouflage their virtual machine (VM) images.”
Despite the efforts at camouflage, victims quickly become aware that something’s amiss, thanks to system slowdowns, according to forum postings.
“Unfortunately, had to reinstall OSX, the problem was that Ableton Live 10, which I have downloaded it from a torrent site and not from the official site, installs a miner too, running at the background causing this,” said a user named “Macloni.”
“The same user attached screenshots of the Activity Monitor indicating 2 processes – qemu-system-x86_64 and tools-service – taking 25 percent of CPU resources and running as root,” said Malik, adding that some users found a full 100 percent of their CPU capacity hijacked.
Using a Virtual Machine
LoudMiner uses QEMU on macOS and VirtualBox on Windows to connect to a Linux image running on a VM – more specifically, it’s a Tiny Core Linux 9.0 image configured to run XMRig. The victim’s machine is added to a mining pool that the Linux image uses for CPU power.
Malik noted that that the decision by the malware authors to use VMs for performing the mining instead of hosting it locally on the victim’s computer is “quite remarkable and this is not something we routinely see” – although it’s not unheard of for legitimate miners to deploy the strategy to save money.
“User downloads the application and follows attached instructions on how to install it. LoudMiner is installed first, the actual VST software after,” he explained. “LoudMiner hides itself and becomes persistent on reboot. The Linux virtual machine is launched and the mining starts. Scripts inside the virtual machine can contact the C2 server to update the miner.”
He said that in order to identify a particular mining session, a file containing the IP address of the machine and the day’s date is created by the “idgenerator” script and its output is sent to the C2 server by the “updater.sh script.”
Because LoudMiner uses a mining pool, it’s impossible to retrace potential transactions to find out how successful the adversaries have been thus far, he added.
To avoid the threat, age-old advice applies: Don’t download pirated copies of commercial software. Malik also offered some hints to identify when an application contains unwanted code. Red flags include a trust popup from an unexpected, “additional” installer; high CPU consumption by a process one did not install (QEMU or VirtualBox in this case); a new service added to the startup services list; and network connections to curious domain names (such as system-update[.]info or system-check[.]services).
FAQs
Mining OS is a Linux based operating system for crypto currency miners. If you have a machine with compatible AMD or NVIDIA graphics card installed, then you should be able to install Mining OS on it and get started with mining your favorite crypto currency.
Can I use a virtual machine for crypto mining? ›
There are a few ways that people can go about mining Bitcoin. One of those ways is by using virtual machines. A virtual machine is a software program that allows you to run another operating system within your current operating system.
How does a Coinminer work? ›
Coinminers (also called cryptocurrency miners) are programs that generate Bitcoin, Monero, Ethereum, or other cryptocurrencies that are surging in popularity. When intentionally run for one's own benefit, they may prove a valuable source of income.
What hardware is needed for crypto mining? ›
There are a few other items required in addition to the hardware parts mentioned to construct a working crypto mining system at home. These are a hard drive or an SSD; a crypto mining software and operating system; a riser for better airflow; a fast internet connection; and a crypto wallet.
Is Linux or Windows better for crypto mining? ›
Should you Pick Windows or Linux for Mining? The choice is ultimately going to come down to your comfort level. If you know Linux or have used it in the past, then its probably going to be the ideal choice for your mining operation.
Which Linux is mine? ›
The command “uname -r” shows the version of the Linux kernel that you're currently using. You'll now see which Linux kernel you're using.
How does IRS know your mining crypto? ›
The IRS knows
To start with, some crypto exchanges send Form 1099 to IRS, alerting the agency that a taxpayer has been trading cryptocurrency. Thus, the taxpayer is likely to be expected to report crypto on their tax returns. Meanwhile, the IRS first added a question about virtual currencies in Form 1040 in 2019.
How do I know if I have a mining virus? ›
Slow performance, lagging, and overheating are warning signs of mining malware infection.
...
Check the network usage
- Open Applications > Utilities > Activity Monitor.
- Choose the Network section.
- Click on Sent Bytes. The list will rank apps from highest to lowest to see which applications are using the network.
To remove Trojan. BitCoinMiner, follow these steps:
- STEP 1: Print out instructions before we begin.
- STEP 2: Use Rkill to terminate suspicious programs.
- STEP 3: Use Malwarebytes AntiMalware to Scan for Malware and Unwanted Programs.
- STEP 4: Scan and clean your computer with Zemana AntiMalware.
Top 10 Bitcoin Mining Hardware [2023 Updated List]
- Comparing the Best Bitcoin Miner Hardware.
- #1) Antminer S19 Pro.
- #2) Antminer T9+
- Pionex – Recommended Crypto Exchange.
- #3) AvalonMiner A1166 Pro.
- #4) AvalonMiner 1246.
- #5) WhatsMiner M30S++
- #6) WhatsMiner M32-62T.
How to build a mining rig: For beginners
- Step 1: Attach the motherboard. Make sure the lever securing your CPU's socket is in the released position. ...
- Step 2: Attach the processor. Attach the processor to the motherboard. ...
- Step 3: Install the RAM. ...
- Step 4: Attaching the PSU. ...
- Step 5: Attaching USB risers. ...
- Step 6: Attaching GPUs.
Yes, you need a powerful computing system for mining cryptocurrencies. A computer with a powerful processor, high SSD storage, dedicated graphics card, high average battery life, and cooling fan technology is ideal for crypto mining.
Can you turn your phone into a crypto miner? ›
Mining cryptocurrency on a smartphone is actually possible. There are various crypto mining apps that you can use to mine crypto directly through your smartphone hardware. These apps often allow you to join mining pools that use some of your phone's power in the mining process.
How much virtual memory do I need for crypto mining? ›
Most mining software requires at least 16 GB virtual memory. In systems with many GPU's, even more virtual memory is required to be able to work well with all mining software and algorithms. A good rule of thumb is to allocate 4 GB plus the total amount of memory on all GPU's.
How much does it cost to run a crypto mining machine? ›
Electricity cost per Bitcoin = Time required to mine one Bitcoin * Energy consumption * Cost = ~5.22 years * 365 days * 24 hours * 3,400 * $0.05 / 1,000 = ~$7,778. Cooling and other overheads per Bitcoin = 20% of electricity cost = ~$1,556.
Which Linux do hackers use? ›
Kali linux
It is developed by Offensive Security as the rewrite of BackTrack and tops our list as one of the best-operating systems for hacking purposes. This Debian-based OS comes with 500+ preinstalled pen testing tools and applications that make your security toolbox richer to start along.
What is my operating system on my phone? ›
Android Devices
- Go to the home screen of your device.
- Touch "Settings," then touch "About Phone" or "About Device."
- From there, you can find the Android version of your device.
The procedure to find os name and version on Linux:
- Open the terminal application (bash shell)
- For remote server login using the ssh: ssh user@server-name.
- Type any one of the following command to find os name and version in Linux: cat /etc/os-release. ...
- Type the following command to find Linux kernel version: uname -r.
Is Bitcoin traceable by the IRS? Yes, Bitcoin is traceable. Here's what you need to know: Blockchain transactions are recorded on a public, distributed ledger.
What happens if you don't tell the IRS about crypto? ›
If you don't report taxable crypto activity and face an IRS audit, you may incur interest, penalties, or even criminal charges. It may be considered tax evasion or fraud, said David Canedo, a Milwaukee-based CPA and tax specialist product manager at Accointing, a crypto tracking and tax reporting tool.
After an initial failure to file, the IRS will notify any taxpayer who hasn't completed their annual return or reports. If, after 90 days, you still haven't included your crypto gains on Form 8938, you could face a fine of up to $50,000.
How do you find a hidden virus? ›
Run a virus scan
A comprehensive scanner will search your computer for any malicious code hiding in Windows, and it will get rid of it. Open your antivirus app and select Run Smart Scan. If you have AVG AntiVirus, you can easily set it up to scan your laptop for malware automatically.
How to detect crypto mining virus? ›
A high and consistent CPU usage percentage could indicate the presence of a crypto malware. Users can check the CPU usage via Task Manager (Windows) or Activity Monitor (macOS).
Can Trojan destroy your computer? ›
Trojans can infect your computer and cause enormous problems before you even know what happened. Once a trojan gets onto your system, it can monitor your keyboard, install additional malware and cause a variety of other problems you simply don't want to face.
Can Trojans be removed? ›
Can Trojan viruses be removed? Trojan viruses can be removed in various ways. If you know which software contains the malware, you can simply uninstall it. However, the most effective way to remove all traces of a Trojan virus is to install antivirus software capable of detecting and removing Trojans.
How to tell if your computer is secretly mining cryptocurrency? ›
First, check your computer's CPU usage. If your computer is being used to mine cryptocurrency, the CPU will be running at almost 100% load. You can check this in your Task Manager or Activity Monitor.
Which crypto is easiest to mine? ›
If you are looking for the cheapest crypto to mine, Monero and Ravencoin will be a good choice. Monero, for instance, can be mined on CPUs with normal computer hardware resources. Nevertheless, Bitcoin and Ethereum should be your top choice if looking for the most profitable cryptocurrencies to mine.
What is the best crypto to mine for beginners? ›
Ethereum – Best for smart contracts and corporate miners. Monero – Best for beginner miners. Ravencoin – Best for low investment mining. Bitcoin Gold – Best for individual miners.
How much can 1 PC make mining bitcoin? ›
Before you purchase your own bitcoin mining rig, really, how much can you make mining Bitcoin in 2022? Generally speaking, if you're mining Bitcoin at home, you can make anywhere from $30 to $450 per mining machine each month.
How long does it take to mine 1 Bitcoin on a computer? ›
It takes around 10 minutes to mine just one Bitcoin, though this is with ideal hardware and software, which isn't always affordable and only a few users can boast the luxury of. More commonly and reasonably, most users can mine a Bitcoin in 30 days.
Mining harms your GPU in the sense that one of its by-products is producing excess heat. If you run your mining setup 24/7 at a high temperature – above 80 oC or 90 oC - the GPU could sustain damage that will severely affect its lifespan. But crypto mining doesnt necsssarily damage your GPU.
How do I start crypto mining at home? ›
To start, you can download one of various crypto mining software programs that will mine on your PC's central processing unit (CPU). This doesn't require any investment in a GPU or a specialized mining rig. Be sure to do your own research and verify that the software comes from a reputable source.
What operating system do crypto miners use? ›
MinerOS is regarded as one of the best mining OS for crypto mining. It is a stable mining operating system that allows you to easily configure and manage your mining rigs and software.
Does ethereum run on Linux? ›
There is an official Ethereum PPA with all of the packages that you'll need to start out with Ethereum. There are a few more programs that you'll install in this guide, but this is the core. The PPA is designed for Ubuntu, but it works great with Debian too.
What programming language is used for crypto mining? ›
C++, introduced back in 1985 by Bjarne Stroustrup, is the best programming language for cryptocurrency development. The language follows OOPs methodology and is highly used for developing cryptocurrencies like Bitcoin, Litecoin, Ripple, Stellar, and EOS.
What software do I use to mine crypto? ›
Best for Automation: Kryptex Miner. Why we chose it: Kryptex Miner is a cryptocurrency mining software that uses your computer power to mine Bitcoin and other cryptocurrencies in the background. The software is only available for Windows, and registered users can download it for free.
Is a crypto miner a computer? ›
Understanding Bitcoin
These networked computers, or miners, process the transaction in exchange for a payment in Bitcoin. Bitcoin is powered by blockchain, which is the technology that powers many cryptocurrencies. A blockchain is a decentralized ledger of all the transactions across a network.
How to setup ethminer Linux? ›
How to Install Ethminer
- $ lspci | grep VGA. $ sudo lshw -C display.
- apt-get install nvidia-cuda-toolkit.
- apt-get install opencl-amdgpu-pro-icd.
- apt-get install git mesa-common-dev cmake.
- mkdir ethminer. cd ethminer.
- git clone https://github.com/ethereum-mining/ethminer .
- mkdir build. cd build. ...
- cmake .. -
More from Cartesi
Cartesi is the first OS on the blockchain, and their Layer-2 solution integrates Linux and standard programming environments to blockchain. This allows developers to code scalable smart contracts with rich software tools, libraries, and services they are used to.
Which OS is best for Ethereum mining? ›
Comparison of the Best Mining Software For Ethereum
| Software | Platform | Our rating |
|---|
| MinerGate | Windows, Mac OS, Linux, and even Android | 5/5 |
| WinETH | Windows (7, 8.1, 10, all 64-bit only) | 4.8/5 |
| Go Ethereum | Windows, Linux, Android, iOS, etc. | 4.6/5 |
| Cudo Miner | Windows, Linux, cloud. | 4.6/5 |
2 more rowsJan 14, 2023
JavaScript is the best coding language for blockchain and is primarily used to build highly interactive web pages.
- Pros. Object-oriented. Prototype-based. ...
- Cons. Dynamic. Interpretation depends on the browser. ...
- Use Cases. Javascript connects the frontend of the application to the Ethereum network and smart contracts.
While most mining software requires some coding skills, novices can get started with MultiMiner with no technical skills. The software walks users through the installation process and then scans the details of the hardware, including average hashing power and the linked pool.
What is most crypto coded in? ›
Solidity
Solidity is the most used and stable Blockchain Programming language recommended by developers worldwide.
