Gplyra Miner
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 5,629 |
Threat Level: | 10 % (Normal) |
Infected Computers: | 1,832 |
First Seen: | June 10, 2016 |
Last Seen: | September 20, 2023 |
OS(es) Affected: | Windows |
Computer users that are familiar with the CpuMiner software by IZABELCOIN Ltd. may find the Gplyra Miner (a.k.a. GPLYRA), which is a renamed version of CpuMiner, bundled with freeware. Users may install GPLYRA along with badware such as FireDiveDownloader and FCTPlugin. The Gplyra Miner program uses the same CryptoNote application layer that is employed by several decentralized digital currencies to mine for Bitcoins and generate revenue for its operators. As far as the law is concerned, the Gplyra Miner falls into the gray area and could be used for illegal profit if PC users are not aware that GPLYRA is on their machines. Therefore, the Gplyra Miner is perceived as a Potentially Unwanted Program (PUP).
The operators of the Gplyra Miner may use a custom-made version of the main configuration file cpuminer-conf.json to link instances of GPLYRA to a private server. An analysis reveals that the Gplyra Miner is programmed to connect via port 2845 to a remote server found at Poolminers.net. However, GPLYRA may be configured to connect to other servers and use other ports if necessary. As stated above, GPLYRA is a modified version of CpuMiner, and it should not come as a surprise that its main executable is named CPM.exe. When GPLYRA is installed on the targeted PC, it can be seen in the MSCONFIG utility and set to run in the system startup process. GPLYRA is quite greedy when it comes to system resources, and may hijack thirty percent of the user's processing power. The prolonged activity of the Gplyra Miner program may lead to diminished PC lifespan, increased electricity consumption and data loss on SSDs.
Computer users that employ the services of programs like Process Explorer and Process Hacker 2 can detect GPLYRA relatively easily. Security experts note that the Gplyra Miner is seen on PCs that do not incorporate an AV shield predominantly. Needless to say, PC users that like to keep their PCs running smoothly should be mindful of which software they install. You should consider incorporating a trusted anti-malware solution to detect and remove GPLYRA if necessary.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.