Reason Cybersecurity researchers dubbed the malware Save Yourself, as recipients typically receive the bogus emails from senders like “[email protected].”
The emails state that dangerous malware has infected the recipient’s machine, but Reason found this isn’t the case.
Instead, the firm discovered the malware forcing devices to act as blackmail proxies is also secretly mining privacy-focused cryptocurrency Monero, with all funds generated going directly the attackers.
Save Yourself cleaners are spreading more malwareThe firm was clear to point out that receiving the Bitcoin sextortion email doesn’t automatically mean infection, just that the recipient’s email address has been exposed in a password dump.
Researchers ironically found, however, that many sites offering products to supposedly remove the Save Yourself malware were actually peddling malware.
“It is very possible that the malware author has gathered and combined several viruses and modified them to suit their own needs,” said Reason.
To date, analysts found more than 110,000 users have been infected with the Save Yourself malware.
Save Yourself can also steal your BitcoinReason reported that the malware is designed to remain under the user’s radar. In particular, Save Yourself only uses 50 percent of the infected machine’s CPU to mine Monero, so as not to raise suspicion.
The malware can also reportedly read clipboard data and replace Bitcoin wallet addresses with its own, presumably to redirect cryptocurrency transactions to the attackers.
Save Yourself is also said to compromise any executable found on the ta ..
Support the originator by clicking the read the rest link below.
